IT Risk Management Assignment: Victoria Police Case Study Analysis

Verified

Added on 2020/03/04

AI Summary

This IT risk management assignment explores key security concepts including owners, countermeasures, vulnerabilities, threat agents, threats, risks, and assets. The assignment identifies and discusses these concepts, providing a foundational understanding of information security. Furthermore, the assignment delves into asset classification, emphasizing the importance of recognizing crucial information assets for organizational operations, particularly in the context of potential financial losses. The implications of asset classification are then examined in relation to the Information/Information Systems Security of the Victoria Police, highlighting confidentiality agreements and the handling of sensitive information during investigations, referencing a case study involving leaked documents and the actions taken to ensure compliance. References include cited academic sources.

Running head: IT RISK MANAGEMENT
IT risk management
Name of the student:
Name of the university:
Author Note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1IT RISK MANAGEMENT
Task 2:
1. Exercise 1:
1.1. Identification and discussion on the security concepts:
The first security concept has been generating from the owners. They have been the
individuals or the organizations that have possessed the assets. The owners have been valuing their
resources. They have been aware regarding the vulnerabilities on their resources many times. The
next one is the countermeasures. There have been the controls of protection that has been imposed
by the owners of the assets for mitigating the vulnerabilities, threats and risks in the assets. The next
one is the vulnerabilities. They have been the flaws in the resources or the non-presence of the
controls of the security. This has been raising the likelihood of the risks to the resources (Dojutrek et
al. 2016). The next one is the threat agents. They have been the entities that possessed the ability to
do introduction of the threats to the assets. The next one is the threat. They have been the entities
that have been exploiting the vulnerabilities in the assets. Then there has been the risk that has been
the probability that the assets might get compressed by the threats. The last one is the assets that
have been including the programs, applications, data and information, system infrastructure as
owned by the owners (Onwubiko and Lenaghan 2007).
2. Exercise 2:
2.1. Classification of the information asset:
The asset classification has been done by the organizations for recognizing which of the assts
have been crucial for their operations. The most crucial information asset has been the information

2IT RISK MANAGEMENT
that is confidential and sensitive (Theage.com.au, 2017). The failure of the assets has been leading to
effective financial loss. The major information asset has been the information that has been regarded
to be confidential. The minor information asset is the information that is determined to the personal.
2.2. Discussion on the implication of the classification to the Information/Information Systems
Security of the Victoria Police:
The Victoria police have been needed to undergo and sign the confidentiality agreements that
they would not release any information. The police inquiries involved an IBM worker who has been
conducting the audits of police LEAP database. The matter has been addressed very fast using the
classification model (Theage.com.au, 2017). During the investigation power was there to the police
in compelling the document provisions and conducting the examinations. As the investigation ended
the actions were taken for assuring that the compliance with the police has been particularized in the
enforceable notice.

3IT RISK MANAGEMENT
References:
Dojutrek, M.S., Dojutrek, M.S., Labi, S., Labi, S., Dietz, J.E. and Dietz, J.E., 2016. A multi-criteria
methodology for measuring the resilience of transportation assets. International Journal of Disaster
Resilience in the Built Environment, 7(3), pp.290-301.
Onwubiko, C. and Lenaghan, A.P., 2007, May. Managing security threats and vulnerabilities for
small to medium enterprises. In Intelligence and Security Informatics, 2007 IEEE (pp. 244-249).
IEEE.
Theage.com.au. (2017). 20,000 pages leaked in new police bungle - National - theage.com.au.
[online] Available at: http://www.theage.com.au/news/national/20000-pages-leaked-in-new-police-
bungle/2005/08/16/1123958033738.html [Accessed 20 Aug. 2017].