PricingBlogAbout Us

IT Risk Management Report: Security, Access, and Risk

Verified

Added on  2020/02/24

|7
|1356
|90
Report
AI Summary
This report delves into the critical aspects of IT risk management, commencing with an exploration of the evolving IT security and technology landscape, highlighting the challenges and mismatches between customer needs and current technological capabilities. It then examines various IT security models and access controls, including RBAC, MAC, RBAC, and DAC, emphasizing their importance in regulating resource access. Furthermore, the report provides an analysis of IT security threats and risk assessments, underscoring the necessity of understanding and proactively managing risks to safeguard business operations and data. The report emphasizes the need for robust security measures, the significance of access control models, and the importance of comprehensive risk assessments in protecting organizational assets and ensuring the confidentiality, integrity, and availability of data in the face of evolving cyber threats and regulatory requirements.
tabler-icon-diamond-filled.svg

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
RUNNING HEAD: IT RISK MANAGEMENT 1
IT RISK MANAGEMENT
Student Name
Institute Name
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
IT RISK MANAGEMENT
2
Contents
Introduction......................................................................................................................................3
Discussion and Justification – IT Security & Technology Landscape............................................3
Discussion and Justification – IT Security Models & Access Controls..........................................4
Discussion and Justification – IT Security Threat and risk assessment..........................................4
Conclusion.......................................................................................................................................5
References........................................................................................................................................7
Document Page
IT RISK MANAGEMENT
3
Introduction
The report will discuss in detail about three IT related concepts based on its security. Data
security has become a major concern in the technology world. This is why different access
control models have been adopted since it is security method helps in regulating the views or
usage of resources in the current computing environment (Lam, 2014). The report will also
discuss about the risks involved in the cyber security and it is important to understand the context
for the welfare of the business because for so many years risk assessment has become a need for
the organizations.
Discussion and Justification – IT Security & Technology Landscape
There are number of data security challenges along with so many mismatches because of the
massive gap that exist between the customer’s needs and what technology can offer in security
cases. However, the security technology in the current time is not yet up to the mark to meet the
need of the organization because of which there was massive move in data security world. In
other words, the perimeter less world based on pervasive computing is creating disruption in the
current security infrastructure. Security defense at individual level is now being installed with
number of solution like firewalls and many more (Chance & Brooks, 2015). In fact, the systems
deployed are not just to help in detecting the threats but also helps in taking right actions to deal
with them. The sensor also helps in generating data in real time however this is not enough.
Organization should be able to get a bigger picture. As an outcome, the concept of security and
analytics are merged well in the whole situation. Moreover, identifying that huge, developing
and number of unsolved issues that cannot be dealt by point base solution alone, there is constant
realization that focus on making the security needs a priority. There are some business processes
Document Page
IT RISK MANAGEMENT
4
that are critical and should be properly protected (Olson & Wu, 2015). However, there are other
areas as well in the business like the financial based costs or usability related costs which are
directly related to security and are prohibitive by nature since lot of security is required that it
stops the overall business processes.
Discussion and Justification – IT Security Models & Access Controls
The concept of access control and security models are based on recognizing a person who
performing a particular job by authenticating them by look for number of traits in identification
by providing that person just one key to the computer whose access he or she requires and
nothing more than that. In the current world, it is important to look at this as giving the
permission to get onto a network through proper password as well as user-name further
permitting them to access the computers, files or other kinds of hardware as well as software.
This further makes sure that they have the right kind of permission to perform their job (Hoyt &
Liebenberg, 2015). The important question here is that the right level of permission given to a
person can help in performing the duties in right manner or not. Access control models become
important in this part of the process. The access control models are divided into four parts which
are Role Based Access Control also called as RBAC, Mandatory Access Control which is also
called as MAC, Rule Based Access Control which is also called as RBAC and Discretionary
Access Control also called as DAC.
Discussion and Justification – IT Security Threat and risk assessment
Risk assessment of IT enterprise are actually performed to permit the company to properly
assess, recognize and change the setup for overall security methods and also make sure that
security, operations, and views to collaborate with the whole company is impacted from an
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
IT RISK MANAGEMENT
5
attackers point of view. The process is needed to get management level of commitment in order
to allocate the resources and further execute the right kind of security solutions. A
comprehensive level of security risk assessment also helps in deciding the overall value of many
kinds of data which is generated as well as stored in all the companies (Farrell & Gallagher,
2015). It is important to understand here that one cannot value many types of data in the
company and it is sometime completely impossible to set priorities and allocate resources for
technology where it is needed the most. In order to assess risk in proper manner, it is important
that management recognize the data that are not very valuable for the company along with right
storage methods and related vulnerabilities. There are number of reasons for taking some
proactive steps with repetitive approach to deal with information about the security issues.
Regulatory as well as legal needs usually aim at saving the sensitive or confidential data along
with general security needs of public in order to create a set of expectations for the organizations
of all possible sizes to devote the attention and also prioritize the information based security risks
(Schneider et al, 2014). IT related risk assessment takes number of years and can change
constantly in terms of process, scope and method. However, the main objectives still remains the
same which consist of identifying as well as quantifying the risks of the company’s information
based assets.
Conclusion
The data security and it management has become a big chore in organization these days and
everything that an organization perform along with quality of data, its overall security and
integration, it plays an important role in changing the security based landscape by ensuring the
customers to never get lost. It is also important to understand that no access control model can be
Document Page
IT RISK MANAGEMENT
6
termed perfect but it helps in distracting the attacker (Talet et al, 2014). The risk assessment is
also important since it provide a proper plan for execution, testing and further improving the
present security operations.
Document Page
IT RISK MANAGEMENT
7
Chance, D. M., & Brooks, R. (2015). Introduction to derivatives and risk management. Cengage
Learning.
Farrell, M., & Gallagher, R. (2015). The valuation implications of enterprise risk management
maturity. Journal of Risk and Insurance, 82(3), 625-657.
Hoyt, R. E., & Liebenberg, A. P. (2015). Evidence of the value of enterprise risk
management. Journal of Applied Corporate Finance, 27(1), 41-47.
Olson, D. L., & Wu, D. D. (2015). Enterprise risk management (Vol. 3). World Scientific
Publishing Co Inc.
References
Lam, J. (2014). Enterprise risk management: from incentives to controls. John Wiley &
Sons.
Schneider, E. C., Ridgely, M. S., Meeker, D., Hunter, L. E., Khodyakov, D., & Rudin, R. S.
(2014). Promoting patient safety through effective Health Information Technology risk
management. Rand Health Quarterly, 4(3).
Talet, A. N., Mat-Zin, R., & Houari, M. (2014). Risk management and information technology
projects. International Journal of Digital Information and Wireless Communications
(IJDIWC), 4(1), 1-9.
chevron_up_icon
1 out of 7
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

© 2024   |   Zucol Services PVT LTD   |   All rights reserved.