Identification of vulnerabi: A case study
Added on 2021-05-27
12 Pages2668 Words329 Views
|
|
|
Running head:IS/IT RISK MANAGEMENTIS/IT Risk Management(VitaCrux Pty Ltd)Name of the student:Name of the university:Author Note
1 IS/IT RISK MANAGEMENTExecutive summaryThe following report includes the analysis and identification of most of vulnerabilities and threatsunder VitaCrux. Then an impact analysis is conducted with qualitative and quantitative methods.Then a thorough likelihood analysis and control analysis is done relating to every complexvulnerabilities.
2 IS/IT RISK MANAGEMENTTable of Contents1. Identification and analysis of threats & vulnerabilities within VitaCrux:.........................................31.1. Technical threats and vulnerabilities:.........................................................................................31.2. Operational challenges:..............................................................................................................41.3. Managerial challenges:...............................................................................................................42. Impact analysis through qualitative and quantitative methods:.........................................................42.1. Qualitative analysis:....................................................................................................................42.2. Quantitative analysis:..................................................................................................................53. Control assessment and likelihood analysis for VitaCrux:................................................................53.1. Control assessment:....................................................................................................................53.2. Likelihood analysis:....................................................................................................................64. Various risk analysis for VitaCrux:...................................................................................................64.1. Threat analysis:...........................................................................................................................64.2. Vulnerability and threat analysis of acceptable risks:................................................................74.3. Impact analysis:..........................................................................................................................84.4. Likelihood analysis:....................................................................................................................84.5. Risk determination:.....................................................................................................................85. References:......................................................................................................................................10
3 IS/IT RISK MANAGEMENT1. Identification and analysis of threats & vulnerabilities within VitaCrux: VitaCrux Pty Ltd or VitaCrux is a mid-sized organization producing and selling health andfood supplements. Protection of intellectual property, sensitive customer data and various otherbusiness-critical data needs a comprehensive security strategy closely matching business objectives. In current world, information and protecting information have been complex considerationsfor businesses. Customers of VitaCrux need to assure that their data is kept secured. As they cannotkeep that safe, the organization would be losing their business. There are many clients havingsensitive data demands that they have a solid infrastructure for data security in proper place. Thismust be done before performing business. Vitacrux must determine that with those considerations asthe basis, how much confidence they have been possessing as it comes to IT security of thecompany. 1.1. Technical threats and vulnerabilities:Hacking It provides scopes to extract data regarding monetary and political gains. CrackingVarious personnel changes have been taking place along with security policies that are likely to be changed in due time. This leads towards unauthorized access towards sensitive data (Csrc.nist.gov, 2018). Malware It disrupts computer operations and collects sensitive data, gaining access to computersystems compromising information. Data leakage This refers to various unauthorized physical and electronic transmission of data within Vitacrux. This is done to external recipients and destinations leaving data in wrong hands (Laudon and Laudon 2016).
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents