Detailed Risk Management Report for Website Development and Features

Verified

Added on 2022/08/14

AI Summary

This report delves into the critical aspects of website risk management, offering a comprehensive analysis of potential threats and mitigation strategies. It begins by addressing fundamental questions about website costs, lifespan, and value, emphasizing the importance of identifying and evaluating potential risks, including injection flaws, cross-site scripting, and broken session management. The report outlines a risk management plan with clear objectives, such as minimizing scams and ensuring data security. It introduces a risk matrix to analyze the impact of identified risks and proposes a conflict management plan to address disputes that may arise during project execution. Furthermore, the report explores change management processes, highlighting the importance of identifying improvement factors, presenting a solid case for change, and providing necessary resources. The report also details essential business features, including quality web content, user-friendly design, and website speed, along with the business values and product overview. The goal is to deliver a secure, user-centric website that aligns with organizational objectives and facilitates sustainable growth.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Risk Management 1
Name of Class
Professor
Course
State
Date

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Risk Management 2
Risk management
The future is uncertain. The following are the most common questions that will be asked about
the vulnerability of the website to risks: 1. What is the cost of running the site? 2. What is its
lifespan? 3. Why that amount of value and why the lifespan? These questions explore the
uncertainties in the future of the project (Andersen and Sax, 2019). It is because the future is
uncertain, and the best feedback to this is identifying potential risks that the website can be
exposed to. In this chapter, potential risks are evaluated and measured. The management policy
adopted is commensurate with the complexity and the size of the project. This is crucial given
the scalability feature of risk management.
Risk management objectives
The primary objectives of the risk management plan adopted include the following:
i. Identifying potential threats before their occurrence or in the early stage. This
involves monitoring the website functions and operations closely.
ii. Minimize scams related to the website. The risk management plan will help identify
the scams that will derail the effectiveness and efficiency of the site which may
hinder its impact on the growth of the organization.
iii. Ensure security of the information shared on the website. Data security is very crucial
in an organization. An effective risk management strategy will ensure the safety of
the data.
iv. The realization of more significant opportunities from using the website- Strategic
planning of the risk management policy will enable sustained growth.

Risk Management 3
v. Securing the future of the website and help in the long-run management of the
website
Potential risks
a. Injection Flaws- sites are vulnerable to this risk and particularly to SQL injection flaws.
The website faces an inherent risk when untrusted data is directed to the website
interpreter as a command or query.
b. Cross-Site Scripting- the most common and potential risk to any website is cross-site
scripting. The site is exposed to this risk when the system takes suspicious data and sends
it to the browser with no proper validation of the data. It opens avenues for system
hackers to script the browser, which can lead to the hackers hijacking the website user
sessions.
c. Broken session management and system authentication- the websites are exposed to
compromised security keys, passwords, and other sessions tokens.
d. Cross-Site Request Forgery- the website is exposed to a potential attack when the user of
the site to send a forged HTTP request. This includes the cookies used by the site user
and other authentication information.
e. Insecure Direct object references- the website is also exposed to the possibility of
reference exposure by the developer to an internal implementation object.
f. Security misconfiguration- the risk usually is beyond the application plan of the website.
It is essential to have a defined framework, applications, application servers, database
server, and web server and the overall operability platform.
g. URL access restriction error- the website needs to perform access checks whenever it is
operated. This is among the most risks that sites are exposed to.

Risk Management 4
h. Cryptographic storage insecurity- failure of the website to protect crucial and sensitive
data which include card data entered to the site, SSNs and other sensitive authentication
credentials
Risk Matrix
the best strategy to approach website potential risks depends on the level of risk analysis
conducted. If the review determines that some of the risks exposed to the site will be costly and
derail the overall functions, efficiency, and effectiveness of the website, it becomes essential to
establish a risk matrix to analyses their impact (Kliem and Ludin, 2019). The following is a risk
matrix developed in analyzing the effects of the above risks exposed to the effective managing of
the website
Risk Occurrence likelihood Consequences
Cryptographic storage
insecurity
High High
Medium
Low
URL access restriction error Low
Security misconfiguration Medium
Insecure Direct object
references
High
Cross-Site Request Forgery High
Broken session management
and system authentication
Low
Cross-Site Scripting High

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Risk Management 5
Injection Flaws Medium
Conflict management plan
Conflicts are bound to occur in all stages of the project’s life. Some of the disputes can be minor
and cannot impact the project's activities (Cronin and Bezrukova, 2019). However, some of them
can threaten the overall wellbeing of the project. During the running of the project, conflicts are
rampant and are relevant to all factors touching on the project (Raines, 2019). To ensure proper
handover and effective continued running of the project, it is essential to develop a conflict
management plan.
Actions to take Ways of doing it
Prepare Give meaning to the specified conflict
Identify possible expected results
Converse with involved parties Identify a convenient meeting time
Meet in place with no expected interruptions
Pay close attention to the behavior and
distinctive personalities of the conflicting
parties
Clarify what happens when the conflict
occurs
Remain specific to the event and not focus on
general observation
Listen intensively Actively listen to all the conflicting parties
Avoid any form of interruption
After a party finishes, rephrase his concerns
to ensure that you have understood his/her
concerns

Risk Management 6
Ask direct and situation clarifying questions
Identify points where both parties agree and
disagree
Create a summary of the agreement points
and disagreement point
Seek clarification if all parties are okay with
your observation
Modify your agreement/disagreement
observation until all parties are in agreement
Set goals and priorities Discuss on the most critical parts of the
conflict
Develop a relevant plan to tackle each
identified cause of conflict a starting to the
critical conflict
Pay close attention focus on future relations
Ensure the setup of possible future meetings
Create a follow-up procedure in the
management plan
Pay attention to all points of resolution
discussion until the conflict has been solving
amicably
Maintain a collaborative approach while
engaging the parties
Build on the realized resolution success Look at situations to identify progress
Identify and note the achievements and
insight of the parties involved
Congratulate all the parties involved in case
of any development is made
Avoid blame game Focus on the facts and crucial information

Risk Management 7
that will help address the conflict
Be honest and direct to the point Allow all parties to put out their concern from
their perspective
Give ample time between ideas and
suggestions
Change management
Organizations regularly experience change. Causes may range from the introduction of new
technology, reorganization process, an improvement in management and processes practices,
update on various methods in the organization, (Cameron and Green, 2019), experienced growth
and necessary compliance initiatives. To ensure success in change management, the following
essential steps are important
1. Identification of factors to be improved- since most of the changes experienced touch on
the product, processes, or various needed outcomes, it is essential to identify the point of
difference and set elaborate and clear goals. This will ensure that the required resources
and people responsible for managing and endeavoring the change are identified. Prior
knowledge of the anticipated move provides clarity, ease of management and success
implementation of the steps taken.
2. Present a solid case to the parties affect the change- there are a lot of people that will be
affected by the change. This includes the top management, change advocates, and the
people responsible for conducting the change management process. All of the parties
have different expectations and objectives and expect to be involved in the change
spectrum.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Risk Management 8
3. Have an elaborate plan for the change- it is the roadmap that illustrates the beginning of
the change, the direction being taken in managing the difference, and the desired
destination after adequately addressing the change requirements. The required resources
are also integrated, the change management scope and the total cost of the management
plan. The most critical management plan is to provide various steps that are required as
opposed to having unplanned processes. This includes an explicit action taken with
defined and measurable targets attached to each of them.
4. Provision of the required resources and utilization of available data for the management
evaluation- as part of the planning exercise, resource identification and allocation are a
crucial process. The support can include, financial requirements, the much-needed
infrastructure and the software system requirements. Also, the tools required in training
the parties involved are re-educating other stakeholders are considered.
5. Communication- it is the golden step in the whole change management process. It runs
through the entire management process (Tang, 2019). Change identification, planning,
onboarding and execution are all dependent on communication practices adopted. This is
used to address both the psychological and inherent factors associated with change
management.
6. Monitoring and addressing possible resistance- change resistance is a common
phenomenon in every setting which threatens the success of change management. Most
of the opposition is a result of fear of the unknown in implementing the change. It is
crucial to anticipate and prepare for possible resistance and alarm the change
management team to take the appropriate actions.

Risk Management 9
Business Features
Designing and building a well functional website requires a combination of several factors. The
combination of the elements varies according to the needs of the owners of the website. Due to
the mixes, it is highly challenging to compare the effectiveness of websites. Nonetheless, a
litmus test is the ability of the website to achieve the desired goals. Due to the success that will
be derived from this implacable website, the following are some of the features of the site;
Quality web content- the website is designed to offer people with the desired information in a
fast and reliable way. Superior content will be shared on the website to satisfy the traffic visiting
the site. Important information that is pertinent to the organization will be shared through the
website.
Clear and user-friendly- the website contains simple, user-friendly navigation that will ensure the
visitors get the information they desire quickly and efficiently. Relevant user links will be placed
in places that are easy to locate and have understood labels against them. The navigation
structure of the website will be made of the following features;
1. Home page
2. About page which will include the vision and the mission, history, FAQ, stakeholders,
fact sheet, and all the relevant periodical reports
3. Projects to be conducted using the website
4. Get involved by the use
5. News
6. Contact information

Risk Management 10
Simple and professional web design- over sue of whistles and bells is beautiful during website
designing and building but they rarely contribute to the overall value of the website. The website
will have a simple and attractive layout that will be attractive to the users and keep them
engaged.
Speed- during operations, people lose interest and patience quickly, and that affects their
association with the website. Long loading time will drive the users away. To ensure speed,
server speed, number of graphics used and the web traffic will be considered and much
improved.
Business values
Results are the primary value that is considered. The desire to attained the set objectives is the
fundamental value for the website. The website will be organized to help other stakeholders in
planning and working on achieving the desired targets in the organization.
Focusing on the user, the website will be designed to have a full focus on the needs of the user
and the rest of the other values will follow. Most of the information required by the website user
will be located on the first page of the website.
Product overview
Pages
Pages will be reserved for content which will be seldomly changed overtime. The information
will be clearly shown in the navigation page of the site. Some of the pages that will be included
in the website include the home page, new notification listings, search features, contacts and

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Risk Management 11
about me window. The number of papers in the main navigation page will be kept in the
minimum to avoid overwhelming the website users.
Categories
The various categories of the website will be located on the left-hand side displayed vertically in
order to provide room for future growth of the section. Each category will contain important
information that needs to be shared.
Posts
Post are the single feature that make the site look amazing. The post will contain all the
information that needs to be shared with the website users. They are added in the various
categories contained in the website

Risk Management 12
References
Andersen, T.J., and Sax, J., 2019. Strategic Risk Management: A Research Overview. Routledge.
Cameron, E. and Green, M., 2019. Making sense of change management: A complete guide to
the models, tools and techniques of organizational change. Kogan Page Publishers.
Cronin, M.A. and Bezrukova, K., 2019. Conflict management through the lens of system
dynamics. Academy of Management Annals, 13(2), pp.770-806.
Kliem, R.L. and Ludin, I.S., 2019. Reducing project risk. Routledge.
Raines, S.S., 2019. Conflict management for managers: Resolving workplace, client, and policy
disputes. Rowman & Littlefield.
Tang, K.N., 2019. Change management. In Leadership and Change Management (pp. 47-55).
Springer, Singapore.