Effective Risk Management in Secure Software and System Designing

Verified

Added on 2022/11/16

AI Summary

This report provides an overview of risk management in software and system design, emphasizing the importance of mitigating vulnerabilities to ensure system security. It distinguishes between intrinsic and non-intrinsic vulnerabilities, correlating them with non-functional and functional requirements, respectively. The report outlines key steps in risk management, including risk identification, analysis, evaluation, treatment, and monitoring. Mitigation strategies discussed include accepting, avoiding, controlling, and transferring risks. The importance of risk management within the software development lifecycle (SDLC) is highlighted, noting its role in identifying weaknesses, strengths, opportunities, and threats. The report advocates for loss prevention techniques to limit potential losses and secure data storage, suggesting measures like employing security guards and implementing strict access controls. It concludes by stressing the need for ongoing vulnerability mitigation and security risk assessments to ensure software reliability and customer satisfaction. The document emphasizes that effective risk management leads to more secure software designs and better overall system performance. Desklib provides this and other solved assignments for students.

Running head: SOFTWARE AND SYSTEM DESIGNING
SOFTWARE AND SYSTEM DESIGNING
Name of the Student
Name of the University
Author Note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Risk management for software design
Risk management plays a crucial role in managing the vulnerabilities as this helps in
ensuring that the possible risks are mitigated successfully. Vulnerabilities are mainly referred to
a known problem that may arise within a system or a program. In the given scenario it has been
identified that intrinsic vulnerabilities are being equated based on the non functional
requirements. This means that with the use of secure software design it becomes impossible to
remove the vulnerability. The intrinsic vulnerabilities are correlated to functional requirements
that mean there is a huge need to mitigate the risk as no security software will be able to protect
the system from serious damages. However risk management helps in determining whether the
vulnerability is intrinsic or non intrinsic. Risk management helps in determining the impact that
is likely to be created with the vulnerability. It has been observed that there are two types of
vulnerabilities that are mainly referred to intrinsic and non intrinsic. The intrinsic vulnerabilities
are mainly the challenges that are likely to be faced due to non functional requirements. On the
other hand the non intrinsic vulnerabilities are referred to the challenges that are faced with the
functional requirements of the software designing phase. The main steps those are included with
identifying the possible risks and vulnerabilities that are likely to be faced while designing
software. The major steps are as follows:
 Identifying the risk at the first stage sp that it becomes easy to operate the risks
 Analyzing the risk as intrinsic or non intrinsic
 Evaluating the risk impact and determining its position
 Treating the risks based on the priority and impact

 Monitoring, mitigating and reviewing the risks so that it becomes easy to manage the
risks
There is a huge need to mitigate the risks so that it can work effectively without facing any
challenges. The basic options that are included in the mitigation plan include accepting the risks,
avoiding the risks, controlling the risks, transferring the risk and continuing to monitor the risks.
Software development lifecycle mainly tends to process the designing, development phase and
produces the product with high quality. Once the risk gets mitigated easily it becomes easy to
gather the requirement for the analysis purpose. It becomes essential to mitigate the risks so that
the development process can be done effectively. With the help of risk management strategies it
becomes easy to determine the weakness, strengths, opportunities and threats effectively. The
risk management helps to identify the potential problems before executing the software. The
risks are defined as functional, non functional, operational and strategic risks. Thus it becomes
crucial to mitigate the possible risks so that they can ensure better performance throughout their
lifecycle. The best technique for mitigating the challenges is loss prevention. With the help of
loss prevention technique it becomes easy to limit the loss and ensures that the software
designing phase is able to eliminate the loss. This technique includes accepting the risks
completely without avoiding the risks. This minimizes the loss and ensures that the data are
being stored successfully without facing much challenge. This program also includes a patrolling
security guard that protects the storage from unnecessary access.
Once the risk is being managed successfully than it becomes essential to have proper ways to
ensure that the system is able to run effectively without facing any challenges. The
vulnerabilities need to be mitigated successfully so that it can have proper control over the
software designing phase. Vulnerability is mainly referred to the weakness or gaps that are

present between the security programs that can be easily exploited for the purpose of getting
unauthorized access over the asset. With the help of risk management process it will become
easy to mitigate the risks. In addition to this, software testing process will also ensure that the
development system is able to meet the needs of the customers. The major concept behind risk
management is to ensure that all the potential risks are being removed successfully. After the
vulnerabilities are mitigated it becomes easy to design the software securely with all the
necessary design. Risk management helps in describing the risk based on the impacts so that it
becomes easy to treat the risks. The main reason behind having a proper security risk assessment
is that it ensures that all the challenges that are preventing the application from working properly
are being mitigated successfully.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Bibliography
Chung, L., Nixon, B. A., Yu, E., & Mylopoulos, J. (2012). Non-functional requirements in
software engineering (Vol. 5). Springer Science & Business Media.
Dick, J., Hull, E., & Jackson, K. (2017). Requirements engineering. Springer.
Hopkin, P. (2018). Fundamentals of risk management: understanding, evaluating and
implementing effective risk management. Kogan Page Publishers.
Jiang, Y. (2019). Dynamic Vulnerability Analysis in Cyber-Physical System.
Kumar, M. (2018). A Comparative Study of Universally Accepted SDLC Models for Software
Development.
Layton, T. P. (2016). Information Security: Design, implementation, measurement, and
compliance. Auerbach Publications.
Sadgrove, K. (2016). The complete guide to business risk management. Routledge.