Assets and Risk Management: Quantitative and Qualitative Analysis

Verified

Added on 2022/08/18

AI Summary

This report provides a comprehensive analysis of asset and risk management, covering both quantitative and qualitative approaches. It delves into the methodologies used in quantitative analysis, highlighting how numerical data and risk reports are utilized to assess financial impacts, while also exploring the broader scope of qualitative analysis, which incorporates stakeholder opinions and probability assessments. The report further examines various strategies for identifying threats within a company, including observing attackers, hiring threat analysts, and creating threat communities. It emphasizes the importance of protecting key assets such as hardware, software, and confidential data, outlining specific security measures for servers, network switches, and databases. Finally, the report discusses the crucial steps involved in developing effective security policies, including understanding network assets and implementing access control measures to mitigate risks. The report is a student submission, and you can find more such resources on Desklib.

Running head: ASSETS AND RISK MANAGEMENT
ASSETS AND RISK MANAGEMENT
Name of the Student
Name of the Professor
Date

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1ASSETS AND RISK MANAGEMENT
Question 1
 Quantitative analysis
In the Quantitative Analysis method, it allocates numbers to several risks that are totally based
on the various risk reports. After that, the data is generated for that particular risk. When it is
compared to preset criteria, a good decision can be taken (Al Janabi, 2020). It can be represented
with the help of some figures, percentages and many other techniques. This technique can be
used to answer a query – “What is the financial impact of the risk?”. For performing this risk
assessment, a risk assessment team at first detects the main assets of the business of a company.
It is also less important. This method tells to engage many teams of delegate for saying how
various teams are affected by different types of risks.
 Qualitative analysis
It helps to provide a qualitative assessment of the risks of a company. It does not highlight the
numbers as well as percentages of the risk. At the time of assessment, it raises one question-
“how would the service is affected by the loss?” and “how would the service is affected by the
risk?”. It has a broader aspect than quantitative analysis (Voronov & Ivanov, 2020). It takes the
help of opinions as well as the views of many stakeholders. It helps a company to integrate the
probability of occurring the risks. In this particular case, brainstorming techniques, interviewing
as well as Delphi techniques are used very frequently. Another popular approach is the SWOT
analysis approach. Using a SWOT analysis approach, the analyst can identify the threats of the
company.
Question 2
There are several approaches with the help of which threats can be identified in a company. These are as
follows:

2ASSETS AND RISK MANAGEMENT
 Observing the attackers
With the help of the log data, a company can get a wide knowledge regarding the possible threats
occurred in the company in the near future. But predicting the threats with the help of the
original data is a very difficult task (Voronov & Ivanov, 2020). Good automation tools will help
a company to differentiate between the attacks as well as noise. The company's authority may
use security information as well as event management products. But with the help of these
strategies, it is very difficult to detect the low-frequency attacks.
 Hiring a threat analyst
A company can hire a threat analyst for analysing as well as predicting threats. It helps the
company to stay focused on the risk (Nandi et al., 2020). Hiring an experienced technologist is
not mandatory for this purpose. In this case, the company does not require a security engineer to
resolve the threats, but they want a person who can correctly predict the threats.
 Creating a threat community
It is another important way to identify the threats occurred within a company. The top-level
management of the company can get in touch with the security professional of other companies
(Jennex & Durcikova, 2020). They can generate an Information Sharing as well as Analysis
Centre (ISAC) for exchanging the threat data. The company may register its name in the
Infragard program of FBI.
Question 3
The assets that need protection within a company are hardware, software and some confidential
information stored within the central database of a company. Server and switches are the most important
gadgets within the hardware portion (Amin, Valverde & Talla, 2020). The servers can be hacked with the help
of some attacks. For example, phishing attack, spoofing attack, hijacking attack and many others. The company

3ASSETS AND RISK MANAGEMENT
must implement some security policies to give adequate security to the servers of the company. By attacking the
network switches, the computer network of the company can be protected. The company most provides proper
security measures to the official website of them. For securing the confidential information, they must provide
some login credentials to the database system.
Question 4
Before the development of the security policy of the company, they should first understand two major
points. These are as follows:
 They must understand all the assets of the networking department of the company.
 They should identify all the network assets of the network.
One of the tradeoffs that can be used to restrict access to the assets of the company is by generating the
physical access control and basic authentication procedures like the use of passwords or smartcards for
accessing the assets (Al Janabi, 2020). It will help the company to protect several assets from some
unauthorised access. It has the ability to reduce risk. It can be exposed to the assets of the company.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4ASSETS AND RISK MANAGEMENT
References
Al Janabi, M. A. (2020). Strategic Corporate Decision Making With Market and Liquidity Risk Management.
In Social, Economic, and Environmental Impacts Between Sustainable Financial Systems and Financial
Markets (pp. 307-318). IGI Global.
Amin, A., Valverde, R., & Talla, M. (2020). Risk Management via Digital Dashboards in Statistics Data
Centers. International Journal of Information Technologies and Systems Approach (IJITSA), 13(1), 27-
45.
Ellul, A., Pagano, M., & Scognamiglio, A. (2020). Career risk and market discipline in asset management. The
Review of Financial Studies, 33(2), 783-828.
Jennex, M. E., & Durcikova, A. (2020). Knowledge Systems and Risk Management: Towards a Risk and Threat
Assessment Framework. In Current Issues and Trends in Knowledge Management, Discovery, and
Transfer (pp. 367-385). IGI Global.
Nandi, A., Sinha, M., Dutta, A., & Sengupta, P. P. (2020). An Analysis of Total Risk Management in
Performances of Public Sector Banks in India. In Smart Intelligent Computing and Applications (pp. 67-
73). Springer, Singapore.
Voronov, V., & Ivanov, V. (2020). The rise of cyber market for stock art: Assets aggregation and the wealth of
mass creativity. Innovation Management and Education Excellence Vision, 4-5.