Risk Assessment Report for the Regional Garden Planners Company

Verified

Added on 2022/08/31

AI Summary

This report provides a risk assessment for Regional Garden Planners, focusing on administrative, security, backup/recovery, networking, and financial risks. The assessment includes a risk register that details each risk, its description, impact assessment, likelihood, consequences, control strategy, and residual risk with priority. Identified risks include inadequate password security, outdated IT systems lacking anti-virus software, lack of data backup, single LAN connection leading to network vulnerabilities, and uncontrolled internet usage leading to financial risks. Control strategies are proposed for each risk, such as privatizing administrative passwords, installing anti-virus software, implementing cloud storage, dividing the network, and limiting internet access. The report concludes with a risk assessment matrix and emphasizes the importance of implementing these strategies to mitigate potential harm and protect the company from technical and financial losses. This report is a valuable resource for understanding and managing risks within the organization.

Running head: RISK ASSESSMENT IN REGIONAL GARDEN PLANNERS
RISK ASSESSMENT IN REGIONAL GARDEN PLANNERS
Name of the student:
Name of the university:
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1RISK ASSESSMENT IN REGIONAL GARDEN PLANNERS
Table of Contents
Introduction...........................................................................................................................................................
Risk Register.........................................................................................................................................................
Conclusion............................................................................................................................................................
References.............................................................................................................................................................

2RISK ASSESSMENT IN REGIONAL GARDEN PLANNERS
Introduction
Risk in an organization is a common probable phenomenon that is apprehended by the
various level of employees within the company during their job schedule. An organization for
its smooth functionality should identify the risks that might occur in advance and incorporate
mitigation strategies to avoid such risks [1]. If the identification is not done beforehand, the
impact of the accidents that will occur due to the risks will prove to be harmful for any
organization. The organization of ‘Regional Gardens Planner’ is one such company where
exists many instances of risks that will lead to major hamper to the data of the organization.
The company should identify the risks and take up control measures as soon as possible to
reduce the chance of accidents later.

Running head: RISK ASSESSMENT IN REGIONAL GARDEN PLANNERS
Risk Register
Ris
k
ID
Risk
Name
Risk
Descriptio
n
Impact Assessmen
t
Likeliho
od
(0-10)
Consequen
ces
Control
Strategy
Residual
Risk
Priori
ty
R1 Administrat
ive Risks
The
administrat
ion
password is
a vital
security
key that
should be
privatised
only with
the admins.
However,
all the
employees
of the
‘Garden
Regional
Due to the
leakage of
the
passwords,
the security
system of
the
company is
at stake [2].
The
hackers
will be able
to access
the data
from the
device of
any
Many of
the
employees
left the
company,
yet their
accounts
are still in
use by the
other
employees
of the
organizatio
n. The
administrat
ion should
not allow
8 The data of
the
organizatio
n will be at
stake if the
passwords
of the
administrati
ve level are
not strictly
restricted to
their
particular
level. If the
risk turns
out to
happen, the
To control
such
problems,
the IT
department
should
privatize
the
password
of the
administrat
ive
department
[6]. The
other
employees
should
Even if the
control
measures
are applied,
the IT
department
should
implement
more
security
measures
like
encryption
of
passwords
to ensure
safety. Else,
2

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1RISK ASSESSMENT IN REGIONAL GARDEN PLANNERS
Planners’
have access
to the
admin
passwords.
Hackers
will get an
easy access
if such
important
features are
made
public.
This will
hamper the
confidentia
lity of the
data within
the
company.
employee
and misuse
these data
against the
goodwill of
the
organizatio
n.
usage of
such
invalid
accounts
after the
resignation
of the old
employees.
hackers can
misuse the
data of the
organizatio
n largely.
never get
access to it
even if
they are
sharing the
common
server.
due to lack
of storage,
there again
might be
risk of data
security in
the
organization
.
R2 Security
Risks
The
company
Data is a
vital part
The
security of
9 If the anti-
virus
There
should be
The IT
Department
1

2RISK ASSESSMENT IN REGIONAL GARDEN PLANNERS
has a small
IT system
that is not
advanced
enough.
Lack of
anti-viruses
in the
devices
also will
lead to risk
in the
disruption
of the
functions
of the
software
systems.
for any
organizatio
n. If the
employees
of the
‘Garden
Regional
Planners’
don’t
install anti-
viruses to
their
devices, the
system will
be
hampered
at large [3].
The lack of
antiviruses
might hang
the devices
and hackers
a company
is the most
important
feature.
However,
in this
organizatio
n, the
devices
with old
operating
systems are
used that
does not
ensure
security
[5]. Even,
the new
systems are
also not
virus
protected
software
are not
installed in
the devices
of the
company, it
will lead to
the systems
getting
affected by
viruses [7].
This will in
turn slow
down the
machines
and there is
also a
chance of
the data
getting
hacked.
immediate
installation
of the anti-
virus
software in
all the
devices of
the
‘Garden
Regional
Planners’
company.
The IT
department
should also
update the
existing
anti-viruses
for proper
security of
the
of the
company
should first
install
security
system in
the email
sections for
each
employee
such that the
data shared
within the
employees
never get
hacked by
the
unwanted
people
outside the
organization

3RISK ASSESSMENT IN REGIONAL GARDEN PLANNERS
will get a
chance to
access the
devices
easily.
that will
lead to
insecurity
of the data
of the
organizatio
n.
systems. .
R3 Backup and
Recovery
Risks
The
company of
gardening
services
has never
created a
backup of
their data.
They
access the
old devices
for
extracting
files if
required for
The
backing up
of data
helps a
company to
access old
files and
generate
reports on
that.
However,
due to lack
of backup
system, the
company
Assessing
this risk
should be a
vital step
for the
company
because if
the backup
of data is
not
recovered,
it will be
useless for
the
company.
4 Due to the
lack of data
recovery
methods, if
any failure
occurs in
the system,
it will prove
to loss of
data from
the
organizatio
n [8]. Loss
of data will
be a
To mitigate
the data
recovery
risks, the
company
should
implement
cloud
storage
facilities
for the
backup and
recovery of
data. Once
the data is
In spite of
implementat
ion of cloud
environment
s, there
might be
chances of
hacking if
the cloud
storages are
not
encrypted
properly.
5

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4RISK ASSESSMENT IN REGIONAL GARDEN PLANNERS
any
purpose.
Due to lack
of backup
of data,
risks occur
when old
files cannot
be
retrieved.
faces time-
loss while
accessing
the old data
for any
purpose.
Hence, a
storage
system will
rescue the
company
from such
risks.
hindrance
in
developing
business
strategies
for the
organizatio
n too.
stored in
cloud
environme
nts, proper
accessibilit
y will be
allowed by
the users.
R4 Networking
Risks
There is
only one
LAN
connection
that is
shared by
the
employees
of the
company
for internet
connection.
Since no
firewall or
security is
implemente
d, the
network
system of
the
company
can be
easily
hacked by
This risk is
assessed
when it is
seen that
the
workstatio
n of the
employees
share the
same
network
connection
5 The
networking
system
might be
hacked if
there is
only one
single
network. If
the network
is hacked,
the whole
To take
control
measures,
the
network
should be
divided
between
the server
and the
employee
workstatio
There might
also exist
chances of
hacking the
encrypted
networks.
Hence, the
company
should
apply strong
decryption
keys that
4

5RISK ASSESSMENT IN REGIONAL GARDEN PLANNERS
Hence,
there is no
network
security
implemente
d in the
company’s
network
system.
The server
and the
employees
has to share
a common
network.
using
measures
such as
eavesdropp
ing or
breaching
[4]. If the
network is
hacked, the
company’s
confidentia
l will be
leaked in
the market.
with the
servers and
there is
only one
LAN
connection
connecting
all of them.
information
system of
the
company
will be
open to the
misusers.
ns.
Secondly,
firewalls
and
encryptions
should be
implement
ed in the
layers of
the
networks
[9].
can only be
accessed by
the higher
levels of the
company.
R5 Financial
Risks
Budgeting
is a major
factor for a
company to
run
smoothly.
Hence, the
If the
financial
risk
happens to
occur, the
company
will have to
This risk is
assessed
when the
employees
of the
company
uses the
6 Due to loss
of money,
the
company
may have to
take loans
for
The IT
department
should take
steps in
limiting the
use of the
Internet by
The residual
risk lies if
the
employees
stop
working at
their own
3

6RISK ASSESSMENT IN REGIONAL GARDEN PLANNERS
allowance
of free
access to
Internet for
any
purpose is
a risk
factor for
the
company to
go
bankrupt in
a few days.
pay a huge
amount to
the Internet
service
providers
that will be
a huge loss
unnecessari
ly.
free
Internet for
their
personal
use, only
when they
require a
limited
usage for
their
official
purpose.
necessary
actions later
on. The
money
spend on
the internet
usage is a
complete
waste.
the
employees
[10]. It
should
allow
access only
to those
websites
that will be
required by
the
employees
for
professiona
l use.
will,
efficiently,
if they are
not allowed
to access
free internet
usage.
CONSEQUENCE
LIKELIHOOD A. Insignificant (1) B. Minor (2) C. Moderate (3) D. Major (4) E. Extreme (5)
1. Rare (1) Low Low Low Low Low
2. Unlikely (2) Low Low Low Medium Medium

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7RISK ASSESSMENT IN REGIONAL GARDEN PLANNERS
3. Possible (3) Low
R3
Low
R4
Medium
R5
Medium Medium
4. Likely (4) Low Medium Medium High
R1
High
R2
5. Almost certain (5) Low Medium Medium High Extreme
Figure 1: Risk Assessment Matrix

Running head: RISK ASSESSMENT IN REGIONAL GARDEN PLANNERS
Conclusion
The ‘Garden Regional Planner’ assists in providing gardening solutions to the various
houses across the locality. However, since the organization is small and incorporates a non-
advanced IT system, there exists various technical risks associated with the company. Lack of
proper planning can lead to the occurrence of such risks. Hence, this paper analyses the risks
as well as the impact and control measures to recover them. The company can follow these
steps to adopt mitigation strategies for the risks discussed to avoid any further technical
problems within the company. The financial risks, if taken care, can also save the company
from huge monetary losses in the near future.