Risk Assessment for Information Security and Risk Management
Added on 2023-04-23
7 Pages1064 Words150 Views
ISOL 533 - Information Security and Risk Management RISK ASSESSMENT
PLAN
University of the Cumberlands
EXECUTIVE SUMMARY
The aspect of the risk management initiates with the identification of the risks,
vulnerabilities and the threats and then perform the assessment of them. The assessment of
the risk denotes to the evaluation of the risk in the term of two factors, which are the
evaluation of the each of the likelihood of occurring any situation, and second factor is
connected to the evaluation of the consequences or impacts of the risk on any organisation.
Both these factors are essential for understanding how the risk measures deals with the risks.
RISKS – THREATS – WEAKNESSES WITHIN EACH
DOMAIN
Table 1
R-T-W Domain Impacted Risk Impact /
Factor
Risk: Malware gets downloaded within the companies
workstation
Threat: Unauthenticated access from non-private internet
connections
Weakness: incorrect implementation of security protocols
Remote access domain 1
Risk: Sometimes sensitive business data are being deleted
and business faces damage
Threat: user sometimes destroys data that is stored in the
application part and deletes all the files
Weakness: leads improper training of employees
LAN to WAN domain 2
Risk: frequently damages are caused to network and the User domain 1
PLAN
University of the Cumberlands
EXECUTIVE SUMMARY
The aspect of the risk management initiates with the identification of the risks,
vulnerabilities and the threats and then perform the assessment of them. The assessment of
the risk denotes to the evaluation of the risk in the term of two factors, which are the
evaluation of the each of the likelihood of occurring any situation, and second factor is
connected to the evaluation of the consequences or impacts of the risk on any organisation.
Both these factors are essential for understanding how the risk measures deals with the risks.
RISKS – THREATS – WEAKNESSES WITHIN EACH
DOMAIN
Table 1
R-T-W Domain Impacted Risk Impact /
Factor
Risk: Malware gets downloaded within the companies
workstation
Threat: Unauthenticated access from non-private internet
connections
Weakness: incorrect implementation of security protocols
Remote access domain 1
Risk: Sometimes sensitive business data are being deleted
and business faces damage
Threat: user sometimes destroys data that is stored in the
application part and deletes all the files
Weakness: leads improper training of employees
LAN to WAN domain 2
Risk: frequently damages are caused to network and the User domain 1
ISOL 533 - Information Security and Risk Management RISK ASSESSMENT
PLAN
University of the Cumberlands
secured files that are stored within the system
Threat: hacker penetrates in to the IT infrastructure and
gains much better access to the internal network
Weakness: improper design of network firewall
Risk: users are obtaining malicious intent in a result anger
Threat: intra office employee intimacy went wrong
Weakness: improper education of employees and lack of
training
System/application
domain
3
Risk: several damages are done towards the business
data
Threat: fire is responsible for destroying the primary data
center
Weakness: inefficient and ineffective hazard protocols
Remote access domain 2
Risk: there is a huge demand for the service providers so
that they can fulfill the needs of the company
Threat: it is important for the service provider to Service
provider service level agreement SLA is not achieved
Weakness: weak management of organization
Workstation domain 1
Risk: there is a high chance that the workstation might get
hacked by unauthorized person and can be damaged to a
serious level
Threat: the operating system of the workstation has a well-
known software
Weakness: ineffective IT sector for the company
Workstation domain 1
Risk: it is observed that malicious users accessing
sensitive
WAN domain 2
PLAN
University of the Cumberlands
secured files that are stored within the system
Threat: hacker penetrates in to the IT infrastructure and
gains much better access to the internal network
Weakness: improper design of network firewall
Risk: users are obtaining malicious intent in a result anger
Threat: intra office employee intimacy went wrong
Weakness: improper education of employees and lack of
training
System/application
domain
3
Risk: several damages are done towards the business
data
Threat: fire is responsible for destroying the primary data
center
Weakness: inefficient and ineffective hazard protocols
Remote access domain 2
Risk: there is a huge demand for the service providers so
that they can fulfill the needs of the company
Threat: it is important for the service provider to Service
provider service level agreement SLA is not achieved
Weakness: weak management of organization
Workstation domain 1
Risk: there is a high chance that the workstation might get
hacked by unauthorized person and can be damaged to a
serious level
Threat: the operating system of the workstation has a well-
known software
Weakness: ineffective IT sector for the company
Workstation domain 1
Risk: it is observed that malicious users accessing
sensitive
WAN domain 2
ISOL 533 - Information Security and Risk Management RISK ASSESSMENT
PLAN
University of the Cumberlands
Threat: unauthorized access is offered to the organization
with workstations
Weakness: the security mechanism offered is ineffective
and not efficient
Risk: damages are caused to the different network within
the company
Threat: the main threat that comes along with this includes
Denial of service attack on organization Demilitarized Zone
(DMZ) and e-mail server
Weakness: the security provided by the firewall is improper
and inefficient
System and application
domain
3
Risk: it is observed that unauthorized users gained a
remote access towards the office files. This has the
potential of affecting the files within the system
Threat: the communication mainly takes place within the
remote locations from home office
Weakness: the major drawback is that it leads to
unorganized organization management
Remote access domain 1
Risk: several security threats are being faced by the
companies LAN
Threat: there is a tendency of LAN to have OS with a
proper known vulnerability
Weakness: the IT sector companies are ineffective and not
efficient
LAN domain 1
Risk: Malware gets downloaded within the system of the
employee
User domain 1
PLAN
University of the Cumberlands
Threat: unauthorized access is offered to the organization
with workstations
Weakness: the security mechanism offered is ineffective
and not efficient
Risk: damages are caused to the different network within
the company
Threat: the main threat that comes along with this includes
Denial of service attack on organization Demilitarized Zone
(DMZ) and e-mail server
Weakness: the security provided by the firewall is improper
and inefficient
System and application
domain
3
Risk: it is observed that unauthorized users gained a
remote access towards the office files. This has the
potential of affecting the files within the system
Threat: the communication mainly takes place within the
remote locations from home office
Weakness: the major drawback is that it leads to
unorganized organization management
Remote access domain 1
Risk: several security threats are being faced by the
companies LAN
Threat: there is a tendency of LAN to have OS with a
proper known vulnerability
Weakness: the IT sector companies are ineffective and not
efficient
LAN domain 1
Risk: Malware gets downloaded within the system of the
employee
User domain 1
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Risks, Threats, and Vulnerabilities in Bank IT Infrastructurelg...
|3
|803
|366
Security Assessment: Risk Assessment and Security Vulnerabilities in XYZ Organisationlg...
|14
|2277
|186
Asset Security and Risk Management for Charles Darwin Universitylg...
|8
|581
|475