Risk Assessment
Added on 2023-01-19
10 Pages1954 Words60 Views
Running head: RISK ASSESSMENT
Risk Assessment
[Name of the Student]
[Name of the University]
[Author note]
Risk Assessment
[Name of the Student]
[Name of the University]
[Author note]
1RISK ASSESSMENT
Risk Assessment:
The cyber risk assessment is generally defined as the process associated with the
identification, analysis and the evaluation of the different kind of cyber risks. This risk
assessment is associated with studying along with analyzing of the entire IT infrastructure and is
also responsible for the identification of the vulnerabilities faced by the system at the juncture of
the people, technology and the process along with the vulnerabilities which exists within the
system.
Besides all this Mr. Brown would be working along with the executive managers for the
purpose of making sure of the fact that the entire risk assessment process is being documented so
as to understand the risks that might arise. There exists lot of internal risks as well as external
risks and for that reason the organization has been planning the implementation of the different
security technologies such as the Physical access control, the digital access control and many
more. Security of the data is one of the major risk that is being faced by the organization and for
this reason special emphasis needs to be put upon this. The basic risk management strategy
which is to be followed by Mr. Brown have been discussed below. The steps discussed below
would be helping the organization in elimination of any kind of risks that are likely to be faced.
The risks which have been identified can be categorized into two types the adversarial
threats and the non-adversarial threats (Dua and Du). The Adversarial threats are associated with
including those risks which can be exploited very easily by the third-party attackers and followed
by this is the non-adversarial threats which mainly happens because of the negligence or due to
mistake or because of some of the other non-,malicious means which can be responsible for
Risk Assessment:
The cyber risk assessment is generally defined as the process associated with the
identification, analysis and the evaluation of the different kind of cyber risks. This risk
assessment is associated with studying along with analyzing of the entire IT infrastructure and is
also responsible for the identification of the vulnerabilities faced by the system at the juncture of
the people, technology and the process along with the vulnerabilities which exists within the
system.
Besides all this Mr. Brown would be working along with the executive managers for the
purpose of making sure of the fact that the entire risk assessment process is being documented so
as to understand the risks that might arise. There exists lot of internal risks as well as external
risks and for that reason the organization has been planning the implementation of the different
security technologies such as the Physical access control, the digital access control and many
more. Security of the data is one of the major risk that is being faced by the organization and for
this reason special emphasis needs to be put upon this. The basic risk management strategy
which is to be followed by Mr. Brown have been discussed below. The steps discussed below
would be helping the organization in elimination of any kind of risks that are likely to be faced.
The risks which have been identified can be categorized into two types the adversarial
threats and the non-adversarial threats (Dua and Du). The Adversarial threats are associated with
including those risks which can be exploited very easily by the third-party attackers and followed
by this is the non-adversarial threats which mainly happens because of the negligence or due to
mistake or because of some of the other non-,malicious means which can be responsible for
2RISK ASSESSMENT
making the organization face risk. The non-adversarial risks generally comes from the typical
users which includes the employees and the admins.
Once the threat identification is completed there would exist a need of assessing the
identified risks. Once the risks are evaluated and identified it becomes necessary for the risk
analysis process to analyze all the risks that would be occurring along with the determination of
the consequences which are linked with each of the risks, this might also be helping in
determination of the ways by which the risk might be associated with affecting the objectives of
the organization.
Development of the risk management plan is followed by the analysis and the risk management
plan would be associated with providing an idea about the assets which are valuable and threats
which would probably be associated with affecting the IT assets in a negative way and in
accordance to that the risk management plan would be prepared (Hubbard and Seiersen.). This
plan in turn would be associated with producing certain control recommendations which might
be used for the purpose of mitigating, transferring, accepting or avoiding of the risk. .
Followed by the development of the risk management plan is the implementation of the
risk management plan and this is considered to the primary goal which includes the
implementation of certain measures for the purpose of removing and reducing the analyses risks
(Ganin). It is possible to remove or reduce the risks which starts from the highest priority or
might be resolving the risk or at least mitigate the risks so as to make sure that the risk is no
longer exist as a threat.
making the organization face risk. The non-adversarial risks generally comes from the typical
users which includes the employees and the admins.
Once the threat identification is completed there would exist a need of assessing the
identified risks. Once the risks are evaluated and identified it becomes necessary for the risk
analysis process to analyze all the risks that would be occurring along with the determination of
the consequences which are linked with each of the risks, this might also be helping in
determination of the ways by which the risk might be associated with affecting the objectives of
the organization.
Development of the risk management plan is followed by the analysis and the risk management
plan would be associated with providing an idea about the assets which are valuable and threats
which would probably be associated with affecting the IT assets in a negative way and in
accordance to that the risk management plan would be prepared (Hubbard and Seiersen.). This
plan in turn would be associated with producing certain control recommendations which might
be used for the purpose of mitigating, transferring, accepting or avoiding of the risk. .
Followed by the development of the risk management plan is the implementation of the
risk management plan and this is considered to the primary goal which includes the
implementation of certain measures for the purpose of removing and reducing the analyses risks
(Ganin). It is possible to remove or reduce the risks which starts from the highest priority or
might be resolving the risk or at least mitigate the risks so as to make sure that the risk is no
longer exist as a threat.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Risk Assessment in Cyber Security - Importance, Difficulties, and Vulnerabilitieslg...
|9
|1440
|388
Security Management and Governancelg...
|7
|1663
|87
Cyber Security - Threats, Vulnerability, Risk, and Controllg...
|13
|2618
|100
IS Security and Risk Managementlg...
|13
|3313
|58
Risk Assessment for Atlassian Corporation Plclg...
|12
|1825
|357
System Security Assessment using Vulnerability Repositorieslg...
|42
|12515
|74