Swinburne University INF30020 Risk Mitigation Plan Report

Verified

Added on 2022/11/26

AI Summary

This report presents a risk mitigation plan developed for The Sprout Foundation (TSF), a tier-2 not-for-profit organization. The plan addresses key risks identified, including malware attacks and system slowdowns, along with strategies for NFP reporting. The report emphasizes the importance of network monitoring, authentication, endpoint security, and employee training to prevent malware. It also outlines procedures to mitigate system slowdowns, such as installing anti-malware software and keeping systems updated. Furthermore, the report details risk mitigation processes for NFP reporting, including analyzing organizational objectives, incorporating advanced technology for data gathering, and identifying stakeholders. The report offers recommendations for improving TSF's risk management practices, including governance approaches and identifies opportunities for further work in business continuity and disaster recovery.

Running head: Report On Risk Mitigation Plan
Report
On
Risk Mitigation Plan
Name of the Student
Name of the University
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1Risk Mitigation
Malware attack mitigation:
According to the case study it has been noticed that TSF is a 2 tier organization in which
there are several IT devices has been incorporated in order to enhance their organizational
services. Followed by this Yusop and Abawajy (2014) has stated that the possibilities of
malware attacks are high in TSF. After successfully analysing the malware threats several
mitigation plan has been prepared which are listed below:
 It is highly important to incorporate effective network monitoring as well as the
alerting technique in order to prevent the Malware attack.
 Incorporate the authentication process in between the organization for all sort of
activities.
 Along with that the incorporation of the endpoint security devices is highly essential
to reduce the possibilities of the malware attacks.
 Followed by these the organization must opt for training and awareness programme in
order to alert the employs to be careful when they are using the organizational system
by restricting themselves from the utilization of SPAM links.
 Followed by the above aspects there is also a significant influence present related to
the activity by providing the individual staff for each device. As this will enhance the
observation process between the organization as well as the incorporation of expert
employs for specific device can help to mitigate the system failure as human
interruption will help to work efficiently.
Mitigation of the slowdown process of computer devices:
Considering the above aspects it has been noticed that due to the malware attacks the
operations of the software devices as well as the computer systems are intended to slowdown.
Thus, from the analysis it has been noticed that the organization must follow several

2Risk Mitigation
procedures in order to provide the prevention as well as the protection in the organizational
work services. Those procedures are listed below:
 One of the most effective solution for this respective problem is to install the anti-
malware software in the organizational devices. Which helps to protect the systems
from the malware attacks as a result it enhance the computer services (Simmons et
al., 2014).
 Along with that it is not only essential to incorporate the anti-malware systems into
the organizational systems in order to protect from the malware attacks whereas
there are several other mitigation process present. One of them is to always keep the
system updated with the time.
 Uninstall the unnecessary applications from the system.
 Do not open the unauthorised information resources as this can cause a significant
impact on the organizational system.
 Before using any website be aware of most of the contents present in that website
(Golshan et al., 2017).
NFP reporting:
According to the studies it has been noticed that the NFP stands for reporting the
financial status of an organization to its authorities. Thus, it is highly essential to have an
effective NFP reporting process in the organizational field. In order to enhance the
effectiveness of the NFP process some risk mitigation process has been listed below related
to the NFP process:
 Effective analysis on the organizational objectives related to its financial status.
 Incorporation of the advance technology in order to gather the accurate data relate to
the organizational financial status (Simnett and Huggins 2015).

3Risk Mitigation
 Followed by this identify the problematic area and analyse the most impactful risk.
 Along with that the identification of the major stakeholder is also essential for to
report about the NFP activities.
 Impact analysis of the identified activity.
 Followed by the above process the financial department must provide a NFP report
consisting all the data related to the problematic area.
Reference:
Golshan, A., Gong, F., Jas, F., Bilogorskiy, N., Vu, N., Lu, C., Burt, A., Kenyan, M. and
Ting, Y., Cyphort Inc, 2017. Systems and methods for malware detection and mitigation.
U.S. Patent 9,686,293.
Simmons, C., Ellis, C., Shiva, S., Dasgupta, D. and Wu, Q., 2014, June. AVOIDIT: A cyber
attack taxonomy. In 9th Annual Symposium on Information Assurance (ASIA’14) (pp. 2-12).
Simnett, R. and Huggins, A.L., 2015. Integrated reporting and assurance: where can research
add value?. Sustainability Accounting, Management and Policy Journal, 6(1), pp.29-53.
Yusop, Z.M. and Abawajy, J., 2014. Analysis of insiders attack mitigation
strategies. Procedia-Social and Behavioral Sciences, 129, pp.581-591.