logo

Security and Risk Management Assignment

   

Added on  2020-03-16

15 Pages3258 Words295 Views
Running Head: SECURITY AND RISK MANAGEMENTSecurity and Risk Management: Proposal for MYOB, AustraliaName of the StudentName of the University
Security and Risk Management Assignment_1
1SECURITY AND RISK MANAGEMENTTable of Contents1.0 Introduction................................................................................................................................22.0 Investigation..............................................................................................................................33.0 Risk Analysis Matrix.................................................................................................................44.0 Disaster Recovery (DR) Plan.....................................................................................................85.0 Proposal for Contingency Plan and Business Continuity Plan (BCP).....................................106.0 Analysis and Report on Controls.............................................................................................117.0 Logical Map of Organizational Structure................................................................................128.0 Conclusion...............................................................................................................................13References......................................................................................................................................14
Security and Risk Management Assignment_2
2SECURITY AND RISK MANAGEMENT1.0 IntroductionThe chosen organization for the investigation of various risks and preparation of riskmanagement plan is MYOB (Mind Your Own Business), Australia. MYOB is an Australianbased organization that develops tax and accounting softwares for helping small and mediumsized business organizations. Since the advent of cloud computing services, MYOB has hostedits entire operations online in the cloud interface (Lim et al., 2013). Instead of physical storageand manual handling of the operations, the cloud based system is much more efficient and doesnot require additional physical storage space. However, due to hosting the entire operations, thecompany faces some serious security risks. The main risks will be discussed later in this report.Due to the chances of occurrence of the risks, some disaster may occur during anytime that willnot only disrupt in the business operations but will also incur serious long term consequences inthe business of MYOB. Hence, it is important to prepare a contingency plan in order to recoverthe system from the possible attacks and security issues. However, contingency planning is onlya short term plan for system recovery. It is more important to develop a risk management plan inorder to ensure that the chances of the risks are minimized to as low as possible. Moreover,business continuity planning is required in order to maintain business continuity in spite ofoccurrence of the risks.In this report, the current situation at MYOB has been analyzed with the help of somerisk analysis tools and techniques. Moreover, the main risks have been identified and acontingency plan has been prepared. Finally, a proposal has been prepared for the businesscontinuity planning of the organization.
Security and Risk Management Assignment_3
3SECURITY AND RISK MANAGEMENT2.0 InvestigationIn order to investigate the existing situation at MYOB and identify the risks associatedwith it, a number of tools and techniques have been used. These tools and techniques aredescribed as follows.Documentation Review – Documentation review is a basic risk assessment technique thatis used to analyze the existing situation in an organization. Analysis and review of the existingsituation helps to identify the gaps that may result in the security risks and issues. For thisproject, a documentation review was conducted where the documents of MYOB were reviewedfor analyzing the current situation of the company.Delphi Technique – In Delphi technique, a team of experts are contracted anonymouslyand some information is sent to them for analysis and review. The whole process is keptanonymous in order to avoid biasing. After the information is sent, the experts analyze it andreach suitable conclusions (Sadgrove et al., 2016). These conclusions are listed, documentationand sent back. This Delphi technique is an effective analysis tool as a team of experts conductthe entire analysis process.Interview – Personal or questionnaire interview is one of the most effective tools for riskanalysis in an organization. In addition to understanding the existing situation at theorganization, several diverse ideas can be generated in the interview that helps to analyze variousaspects of the organization instead of focusing on just one. In this particular project, aquestionnaire based interview has been conducted on the current employees of MYOB. The mainaim of this interview was to identify the gaps that may cause risks in the company’s existingbusiness system. Instead of conducting overall overview, the employees’ opinions were collected
Security and Risk Management Assignment_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Information Security and Risk Management Assignment
|20
|3853
|287

Discussion Paper: Backup and Disaster Recovery Plan
|6
|1559
|275

Business Continuity Plan: Oakland University - MGT 448
|20
|3570
|380

Contingency Planning for Information Security and Policy Documents at Denisovan Medical Supplies
|15
|4012
|245

Drotos Engineering DR/BC Strategy Discussion 2022
|8
|1213
|139

Backup and Disaster Recovery Plan for Information Technology
|6
|1178
|319