IT Risk Management
Added on 2023-04-21
13 Pages3585 Words456 Views
Running head: IT RISK MANAGEMENT
IT Risk Management
Name of the Student:
Name of the University:
IT Risk Management
Name of the Student:
Name of the University:
1IT RISK MANAGEMENT
Executive Summary
Software House is such a company which is provided internet based solutions to make
improvement in the business functions. The organization is provided with applications support to
the clients. In the organization, code furthermore credentials is accumulated on servers, which
are openly available via the Internet. The organization has a significant venture in this data,
therefore both integrity as well as confidentiality is required in the organization. Staffs can
manage server infrastructure, however management is rather lacked with many public
transversely the organization deliberating organizational passwords. The possible risks in the
organization are infrastructure, services and data, supervision, security, backup furthermore
failure recovery and network moreover physical location. There are also risks of individual
workstations and passwords. Within the organization, there is also no formal on boarding and off
boarding processes and there is close to no such organizational polices within the organization.
The risks are categorized based on software related risks, network and database based risks. It is
required that the organization can direct risk assessment for both system and client. The risk
assessment can manage risks and then reduce then based on their impact on the selected
organization. A future planning is needed in the internet based system as risks and vulnerabilities
can create problem to the system.
Executive Summary
Software House is such a company which is provided internet based solutions to make
improvement in the business functions. The organization is provided with applications support to
the clients. In the organization, code furthermore credentials is accumulated on servers, which
are openly available via the Internet. The organization has a significant venture in this data,
therefore both integrity as well as confidentiality is required in the organization. Staffs can
manage server infrastructure, however management is rather lacked with many public
transversely the organization deliberating organizational passwords. The possible risks in the
organization are infrastructure, services and data, supervision, security, backup furthermore
failure recovery and network moreover physical location. There are also risks of individual
workstations and passwords. Within the organization, there is also no formal on boarding and off
boarding processes and there is close to no such organizational polices within the organization.
The risks are categorized based on software related risks, network and database based risks. It is
required that the organization can direct risk assessment for both system and client. The risk
assessment can manage risks and then reduce then based on their impact on the selected
organization. A future planning is needed in the internet based system as risks and vulnerabilities
can create problem to the system.
2IT RISK MANAGEMENT
Table of Contents
1.0 Introduction................................................................................................................................3
2.0 Risk assessment process............................................................................................................3
3.0 Categorized risks, threats and vulnerabilities............................................................................5
4.0 Risk severity matrix...................................................................................................................7
5.0 Threat agents of the risks...........................................................................................................7
6.0 Impact on system.......................................................................................................................8
7.0 Mitigating the risks....................................................................................................................8
8.0 Literature review (Protection mechanism)................................................................................9
9.0 Conclusion...............................................................................................................................10
References......................................................................................................................................11
Table of Contents
1.0 Introduction................................................................................................................................3
2.0 Risk assessment process............................................................................................................3
3.0 Categorized risks, threats and vulnerabilities............................................................................5
4.0 Risk severity matrix...................................................................................................................7
5.0 Threat agents of the risks...........................................................................................................7
6.0 Impact on system.......................................................................................................................8
7.0 Mitigating the risks....................................................................................................................8
8.0 Literature review (Protection mechanism)................................................................................9
9.0 Conclusion...............................................................................................................................10
References......................................................................................................................................11
3IT RISK MANAGEMENT
1.0 Introduction
The technical analysis report is based on analyzing the technology environment of small
software house. The software house is working in the inventive software which is planned to
advertise the products in near expectations. With use of the internet, the code and documentation
is being stored on the servers. As the small software house is invested in data, then integrity as
well as confidentiality is most important for the organization. The organization desires to
enhance their customer business with usage of internet.
The report analyzes possible risks and threats which can cause due to usage of the
information system. The possible risks in the organization are related to infrastructure, services
and data, supervision, security, backup furthermore failure recovery and network moreover
physical location. There are also risks of individual workstations and passwords. Therefore, the
report analyzes risks, threats, attacks and security vulnerabilities which are caused in small
software house organization. In this report, the author discusses risk assessment process, risk
severity matrix, threats of identified risks and mitigation of the risks. It also analyzes protection
mechanism in form of the literature review.
2.0 Risk assessment process
Reason (2016) stated that risk assessment is a process to evaluate the risks to safety as
well as health of the workers from the workplace hazards. There are five steps to the risk
assessment which is followed to make sure that the risk assessment is to be carried out
effectively such as:
Identify the risks: The project risks are being identified from the usage of the internet in
the organization (Harrison & Lock, 2017). Identification of the risks is done by analyzing the
entire business functions of small software house such as infrastructure, services and data,
supervision, security, backup furthermore failure recovery and network moreover physical
location, workstations in addition to passwords.
1.0 Introduction
The technical analysis report is based on analyzing the technology environment of small
software house. The software house is working in the inventive software which is planned to
advertise the products in near expectations. With use of the internet, the code and documentation
is being stored on the servers. As the small software house is invested in data, then integrity as
well as confidentiality is most important for the organization. The organization desires to
enhance their customer business with usage of internet.
The report analyzes possible risks and threats which can cause due to usage of the
information system. The possible risks in the organization are related to infrastructure, services
and data, supervision, security, backup furthermore failure recovery and network moreover
physical location. There are also risks of individual workstations and passwords. Therefore, the
report analyzes risks, threats, attacks and security vulnerabilities which are caused in small
software house organization. In this report, the author discusses risk assessment process, risk
severity matrix, threats of identified risks and mitigation of the risks. It also analyzes protection
mechanism in form of the literature review.
2.0 Risk assessment process
Reason (2016) stated that risk assessment is a process to evaluate the risks to safety as
well as health of the workers from the workplace hazards. There are five steps to the risk
assessment which is followed to make sure that the risk assessment is to be carried out
effectively such as:
Identify the risks: The project risks are being identified from the usage of the internet in
the organization (Harrison & Lock, 2017). Identification of the risks is done by analyzing the
entire business functions of small software house such as infrastructure, services and data,
supervision, security, backup furthermore failure recovery and network moreover physical
location, workstations in addition to passwords.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
IT Risk Management: Assessing Security Risks and Recommendationslg...
|8
|1806
|475
Information and Systems Securitylg...
|6
|1029
|28
Network Design Proposal for XYZ Retailslg...
|15
|873
|395
IT Risk Management Strategies: Identifying Risks, Mitigation, and Data Security in ABC Companylg...
|15
|3025
|73
Unethical and Security Issues of AEnergy Companylg...
|5
|1195
|272
Internet-Based Applications and Security Concernslg...
|8
|1182
|470