IT Risk Management Report: Aztek Operations in Australia

Added on  2020/03/23

AI Summary
This report provides a comprehensive overview of IT risk management within Aztek's operations in the Australian financial services sector. It begins with an executive summary highlighting the importance of risk management in protecting the company's database, infrastructure, and IT management from potential disasters. The introduction defines risk management and its application in the context of Aztek, emphasizing the need for a systematic approach to mitigate risks and ensure business continuity. The report then delves into IT security policies and procedures, outlining the importance of safeguarding confidential information, maintaining data integrity, and controlling access to information. It explores the IT control framework, including principles for controlling the framework and the role of outsourcing key IT functionalities in risk management. The report also addresses data security, database migration, and strategies used for mitigation, culminating in a discussion of database security best practices specific to Aztek. Overall, the report emphasizes the importance of a proactive and well-defined IT risk management strategy for organizations operating in the financial services sector.
Running Head: IT Risk Management
IT Risk Management of Aztek
Operations in Australian Financial Service Sector
Table of Contents
Executive Summary
Introduction to the Risk Management of Aztek
IT Security Policies and procedures
The Main Policies and the Procedure to be followed:
IT Control Framework
Operations in outsourcing key IT functionality in risk management
Risk Management in an Organisation
The main Principles used for controlling the framework
Data Security in an Organisation
Migrating of Database
The four basic components of migrating of the database:
Strategies Used for Mitigation
Database Security Best Practices of Aztek Organisation
Conclusion
References
Executive Summary
The company's main framework starts from disaster risk management, which has grown in importance as the threats facing the company have increased. Research on disasters has covered their main impacts not only on the database but also on the organisation's infrastructure and IT management. A disaster can cause a large loss, and the organisation has to recover from it in order to continue all of its business activities. There should be a systematic way of implementing strategies that avoid risks so that business activities can continue. It is essential to understand and develop ideas for these management strategies. This project concerns outsourcing the key IT functionalities of Aztek: application development, including the performance and development of applications with third parties, the functionality and operations performed on networks, and maintaining the organisational behaviour of the company (Alhawari et al., 2012).
Introduction to the Risk Management of Aztek
Risk is often described as a disaster or malicious activity, that is, an undesirable event. It covers the vulnerable events and the threats of expected harm that occur in an organisation, and these are combined to set the risk in terms of regret and remuneration, based on the probabilities of the expected outcomes. Risk management is applied in an organisation to prevent and overcome the malicious and harmful activities that affect its main part, i.e. the whole infrastructure of the organisation (Aubert et al., 2005). Business risk is linked with ownership, operational activities and the investment made in IT in an organisation. It is usually based on the risks arising on an ongoing basis. It is critical to examine the risks and threats facing an organisation so as to prevent them and keep all business activities running. A complete approach to IT security and risk management covers the entire model of business risk and is used to identify security-related business risks so that they can be overcome. For this it is essential to train the employees of the organisation so that they have proper guidance on security and on the main objectives to be worked on, and to have a proper security and network architecture (Benaroch et al., 2007). IT security allows clients to update and improve their security risk management and the strategy used to continue all organisational activities, and to use the latest technologies to strengthen the protection of data and information and mitigate current risks and threats.
IT Security Policies and procedures
The resources used in the organisation need strict security measures to prevent and overcome problems. The internal and external threats to the confidentiality, integrity and availability of these assets have increased. Security breaches aimed at damaging an organisation's IT architecture have increased. They mainly target the organisation's business transactions, employee database, client database and personal data. Every organisation must overcome these threats and protect itself against intrusion, misuse and disclosure (Benaroch et al., 2006). All of an organisation's systems should be updated and maintained daily or weekly to protect them from intrusion and malicious activity. The main purpose of the IT security policies and procedures is to ensure that each individual understands their scope and the responsibilities employees must follow to reduce risk, and takes the appropriate actions and measures under the security policy to protect organisational resources. IT security assessments incorporate methodologies to manage the identification of, and protection from, threats and vulnerabilities through an effective organisational structure, a set of well-documented policies and processes, and a sound security design (Fenz, 2014). The organisational policies focus on the resources used to overcome threats and are intended to assign responsibility for the safety measures in a suitable manner. Aztek is responsible for establishing and following organisational standards for information security and internal controls, and for planning disaster recovery. It is important for the organisation's management to follow the main procedures and guidelines and to have proper guidance for performing security tasks. The primary focus is on information that is kept confidential and reliable when data is conveyed throughout the State (Galliers et al., 2014).
The Main Policies and the Procedure to be followed:
1. Confidential Information- This information concerns the performance and position of the company and is tied strictly to job-related functions. Confidential information should remain within the organisation and should not cross its boundaries. Appropriate measures should prevent the inappropriate transfer of sensitive and confidential information. Users working for the organisation should follow the required security practices and services, including keeping passwords for user validation (Glendon et al., 2016).
2. Information Content- The essential information provided should be content based, and the company holds primary responsibility for maintaining its authenticity and integrity and for keeping the information accurate. The aim of owning the organisation's information is to protect the data from accidental or intentional damage and from unauthorised disclosure or use, as the rules provide. All information content should reflect the actual problems the company faces.
3. Access to Information- Information should be kept in a correct state so that access to it can be granted as intended, which means maintaining current and accurate access for the employees who perform security and other functions in the company. It also means communicating the appropriate policies, rules and best practices to the relevant client, owner or individuals responsible for facilitating activities, granting client access to system functions on behalf of their organisation, and reporting all deviations from the policy, procedures, rules and best practices (Grace et al., 2015).
4. Information Security- It is essential for the organisation to maintain security so as to avoid the threats and risks that affect it. Information should flow and be classified in a well-organised manner to maintain security. This covers interpreting the rules and regulations imposed on confidential information, establishing the classification and approving access to information.
5. Availability of Information- Information must be available for the client's responsibilities to be met. Access to information is granted so that the required business processes can continue and operations can be performed. Availability is needed for information to flow regularly, periodically and constantly in the organisation (Hopkin, 2017).
IT Control Framework
An organisational control framework is used to control the organisation's data structure. It categorises and brings together the organisation's internal controls, which are used for practising and establishing the procedures for creating business and reducing business risk. The fundamental goal of having a framework in place is to support the convergence between operations and control execution. Various standards and frameworks have been developed to meet the essential requirements of an organisation. The control framework is designed to ensure that threats and risks are reduced through a properly organised design covering implementation, testing of data and monitoring of systems (Hoyt & Liebenberg, 2015). It is essential to have a powerful framework tool that focuses primarily on the key structures, business values and processes, so as to give a proper concept of internal control. It is a process carried out by teams or individuals as dynamic learning in order to build proper knowledge. The IT control framework considers the core elements of an organisation, mainly its administration, resources, structure, culture, business activities, assigned tasks, etc., so as to meet the organisational objectives. It depends entirely on the individual beliefs and ethical values that employees must follow under the organisational standards. It plays a vital role in controlling, identifying and mitigating risks so that business activities flow continuously. These include risks related not only to the organisation's achievements but also to company-specific objectives and goals, through to fundamental risks and availability (Jouini et al., 2014).
Operations in outsourcing key IT functionality in risk management
The company conducts business and relies on information technology to access large market research databases and find new consumers, whereas some other companies transfer IT assets to third-party vendors, which helps them build a safe IT culture and ensures that the organisation remains in competition without losing ground. Outsourcing has been practised for many years and was earlier named “facilities management”. IT outsourcing is basically a long-term contract between a vendor and a consumer in which the vendor helps the consumer with organisational operations. The employees involved control, operate, maintain or manage the customer's information systems, such as equipment, networks and application systems, which are located on either the customer's or the vendor's side. In such a relationship the equipment involved may be owned by the vendor or the customer. In this process the customer finds a suitable vendor for its IT operations, and a long-term contract is then established between the vendor and the customer with a condition of not leaking information; that is, outsourcing is done by non-information systems, but information systems are an integral part of it. This is a mission-critical service in which information systems security is an important part of outsourcing (Bahli & Rivard, 2003).
The main Principles used for controlling the framework
1. Purpose- The framework should be designed to model the organisation properly, and the main purpose of its design is that risk should not occur in the organisation.
2. Commitment- The employees working in an organisation should understand the main aim and align as individuals with the organisation's identity and ethical values. This can include organisational ethics, integrity, policies regarding people, responsibilities, accountabilities and the mutual trust that should be maintained in an organisation.
3. Capability- Current employees should be equipped with the resources used in the company and have the competence to understand the requirements of the control model. This includes various tools and skills for accessing information and controlling activities. Capability depends entirely on the training and awareness provided so that employees can contribute to all business activities (Lam, 2014).
4. Action- This covers the actions performed to overcome risks and threats according to the framework that has been designed, and initiating the action plan during an emergency.
5. Monitoring- All employees working in an organisation must monitor the problems arising from its internal and external environments. The situations that arise must be inspected, supervised and examined so that methods and strategies can be implemented to overcome them (Larson & Gray, 2013).
Data Security in an Organisation
Data security is the most essential part of an organisation. It is a major issue faced by all organisations that need proper security for a database. It is therefore important to use the latest technologies to secure the data used in every business operation. It is also known as the backbone of an organisation, holding the database of clients and users, employee information, customers' financial data and the company's own data. Data security is the most important asset of an organisation. It is the process by which data is securely stored, and it is among the most complex. Today data moves freely within corporate networks, and the main impact arises from mobile devices and cloud storage, which play a growing part in rapidly evolving threats. The organisational infrastructure aims to meet the organisation's expanding needs by using new technologies and services to initiate tasks and activities. The company should mainly aim to organise and manage the significant tasks of data security and the risks to data security (Laudon & Laudon 2016).
Managing data security in isolation is not an option, and simply having access to various security tools is not sufficient against the risks and threats evolving in an organisation. To address and cope with data security risks successfully, the company follows a data-centric approach so as to keep the main concepts in mind. To manage the risks associated with the organisation in today's environment, the company uses the data-centric approach to value the important data of the business, which makes implementing information security important. Using these approaches the company is in a position to overcome the risks and threats affecting it (McNeil & Embrechts, 2015).
The main elements of corporate data and security policies
1. Ensuring Data Security Accountability- The organisation must make sure that workforce management knows its key responsibilities and is aware of threats and risks. Data should be classified so that the people working in the organisation can easily understand the difference. The classification of data includes:
Data Confidentiality
Internal data, which is sent to other management within the same organisation.
General Data
Data which is to be shared with other networks.
2. Network Services and Governing Policies- This depends on how capably the company handles issues such as IP address configuration and remote access to data. It covers the security policies and their main components regarding the Intrusion Detection System.
3. Scanning for Vulnerabilities- It is important for an organisation to find the vulnerabilities in the company and its IT infrastructure. To do this the company should check its networks routinely so as to overcome the risks.
4. Managing Patches- Code should be implemented to eliminate vulnerabilities and protect against threats.
5. System Data and its Security- The organisation's servers must be maintained so that systems continue to operate under the data security policy. Rules and regulations should be made for the server systems deployed on the company networks, and accounts and passwords must be clearly defined (Olson & Wu, 2015).
Migrating of Database
Database migration is the process of moving a database from one source to another by transferring the entire data between computer storage and file types. Data is migrated for a variety of reasons, including storage devices or server storage. Migrating the database is among the most important activities of all organisations. It helps in moving or copying data from one source to another. Aztek copies and moves its whole organisational data from one source to another to keep security maintained. It is a key component of all the states, which helps in mitigating the risks within each component of a migration (Schwalbe, 2015).
The four basic components of migrating of the database:
1. Infrastructure of networks: This includes the various servers, firewalls and system security software tools used to maintain a proper IT infrastructure so that the database is kept maintained and secured from threats.
2. Databases: These are the typical products used for storing the database and moving it from one system to another using various technologies. Various software tools exist for typical products, which offer low-risk entry points when migration is considered.
3. Third Party Applications: This involves third-party applications, which are low-risk migration products that can be used or run on multiple platforms.
4. Custom Code: Different scripting languages are used to create the thousands of applications the company uses to run critical applications. These can sometimes raise risks, or malicious activity can take place, because the applications in use were not meant for the target (Van De Walle et al., 2014).
Strategies Used for Mitigation
1. Reasonableness- A company does not manage every conceivable risk, because not every risk is reasonable to manage. Reasonableness is essentially the test applied to decide whether a risk can be controlled. It is derived from the reasonable person standard in law.
2. Balancing Risk and Cost- The cost of managing or controlling a risk must be balanced against the impact value. The cost is essentially balanced against its actual monetary value where that is available in the organisation (Webb et al., 2014).