Information Technology Security Risk Assessment Report

Verified

Added on 2020/03/04

AI Summary

This report examines the critical aspects of IT security risks and their mitigation. It begins by defining information technology and IT risks, emphasizing the importance of risk management. The report identifies several key threats, including obsolete operating systems, lack of encryption, misuse of devices, over-reliance on security devices, and insufficient system logging. It then outlines various approaches to reduce IT risks and enhance security, such as securing wireless networks, servers, and computers; installing anti-spyware and anti-virus protection; using and updating passwords; regularly updating software; using data backups; providing personnel training; and implementing intrusion detection systems. The conclusion reiterates the vulnerability of IT systems to various risks and stresses the need for proactive measures to identify and control these risks, ensuring the protection of information from potential threats.

Running head: IT SECURITY RISK
IT Security Risk
Name of the Student
Name of the University
Author’s Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1
IT SECURITY RISK
Table of Contents
Introduction......................................................................................................................................2
Discussion........................................................................................................................................2
Conclusion.......................................................................................................................................4
References........................................................................................................................................5

2
IT SECURITY RISK
Introduction
Information technology is the utilization of systems to handle, store and retrieve
information. Risks that are related to information technology are known as information
technology risks or IT risks (Alhawari et al., 2012). These types of risks are extremely common
in information technology. However, these risks can be reduced with different approaches. This
report outlines the various approaches to reduce risks in information technology.
Discussion
The application of the methods of risk management is known as IT risk management. The
information technology risks can be controlled with various and different approaches. The
different risks of information technology are as follows:
i)Obsolete operating systems: The outdated and obsolete operating system is a major threat and
risk in information technology.
ii) Lack of encryption: The lack of encryption of the important and the confidential messages is
another major threat in information technology (Venkatesh, Thong & Xu, 2012).
iii) Using other’s phones or tablets: Opening various confidential applications in electronic
devices that are not owned by the user is another basic threat in information technology.
iv) Over-reliance on security scanning devices: Dependency on the software or devices that
monitor security completely is another threat or risk in information technology.
v) Insufficient logging of system: Insufficient system logging is another major threat in
information technology.

3
IT SECURITY RISK
The approaches to reduce IT risks and to improve information technology security are as
follows:
i) Secure servers, computers and wireless networks: The main step towards improving IT
security and managing IT risks is to secure the wireless networks, servers and the computers.
Wireless networking is the process by which networking is installed without installing wires.
This type of network should be secured in the first position to reduce the risks in information
technology (Kotelnikov, 2014). Another important approach to improve security in IT is to
secure the servers and the computers, through which the information is stored, retrieved and
handled.
ii) Installation of anti-spyware and anti-virus protection: Firewalls should be present in every
personal computers. Anti-virus and anti-spyware software should be installed in all computers to
secure the information technology and to improve security.
iii) Use and update passwords: Passwords should be used and updated regularly, so that there is
a less chance of hacking and phishing. Use of passwords improves security in information
technology.
iv) Update software regularly: Software should be updated regularly to their latest versions
(Schwalbe, 2015). There is a high chance of IT risks if software are not updated and used in their
obsolete versions.
v) Use data back-ups: Data back-ups should be used, which includes off-site and remote storage.
Data back-ups improve security and reduce risks of information technology.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4
IT SECURITY RISK
vi) Personnel training: All the personnel should be trained thoroughly for the information
technology procedures and policies.
vii) Intrusion detection systems: Introduction of intrusion detection systems in information
technology can reduce and mitigate risks.
Conclusion
Therefore, from the above discussion, it can be concluded that information technology
deals with various risks and threats that are vulnerable to the system. Such risks can be identified
with proper measures so that hackers cannot intrude into the systems. The above report contains
all the probable risks and the measure to reduce and control those risks.

5
IT SECURITY RISK
References
Alhawari, S., Karadsheh, L., Talet, A. N., & Mansour, E. (2012). Knowledge-based risk
management framework for information technology project. International Journal of
Information Management, 32(1), 50-65.
Kotelnikov, V. (2014). Small and medium enterprises and ICT.
Schwalbe, K. (2015). Information technology project management. Cengage Learning.
Venkatesh, V., Thong, J. Y., & Xu, X. (2012). Consumer acceptance and use of information
technology: extending the unified theory of acceptance and use of technology.