ITM527 Mod SLP: Risk Assessment of Operation Security Domain
Module 1 - SLP
Risk Assessment
The following two examples demonstrate how risk assessment can be conducted in certain situations. Read briefly to get some basic ideas.
NIST (2010). Piloting Supply Chain Risk Management Practices for Federal Information Systems.
CDS Case Study. Making Information Risk Mitigation Decisions. Vincent Larcote Case Series. Case #6-0029. Center for Digital Strategies. Tuck School of Business at Dartmouth.
Applying risk assessment fundamentals, processes and matrices to one's own experiences offers an opportunity to use the learning in the real world. Can you choose a particular information system security domain of your organization or industry and apply what you learned from the case readings and SLP examples? You can choose to assess comprehensively, or you can choose not to cover all the aspects of risk assessment but to focus on two or three major perspectives and go much more in depth.
SLP Assignment Expectations
Please write a 2-5 page paper titled:
"Risk Assessment for ______ (your chosen information system security domain in your chosen organization/industry): Challenges and Solutions"
Please address the following issues:
1. Special requirements of risk assessment in your chosen information system security domain in your chosen organization/industry if there are any.
2. Two or three major perspectives of risk assessment that you choose to go in depth to discuss.
3. One or two major lessons learned from the examples that you'd like to apply in your own risk assessment issue here.
4. Key challenges and solutions of risk assessment.
Your assignment will be graded according to the MSITM SLP Grading Rubric, which aligns with the following expectations. (To see the rubric, go to Assessments>Rubrics. Click the arrow next to the rubric name and choose Preview.)
• Please use original writing (No Plagiarism)
• Please use American URLs that can be easily verified on the web on the reference page.
• Please include the page numbers in the in-text references; APA style.
• Read the background material in the attachment titled Background
• The organization is the department of the Army / Industry Federal government
Risk Assessment of Operation Security Domain
Name
Institutional Affiliation
Risk Assessment of Operation Security Domain
Department of Defense operations security is a critical area where information should be prevented from leaking to inappropriate personnel. The most affected information security domain is the operations security domain. The information security system of the Army, within the Department of Defense, is a critical area where systems' vulnerability to malware and illegal access may be disastrous for the department. The Army operations security domain deals with implementing reasonable protections and controlling department resources, software and hardware. In this domain, it is critical that information systems are maintained by establishing appropriate programs for monitoring, auditing and evaluating vulnerabilities and threats to department information systems (NIST, 2010).
The development of security architecture in the department calls for a keen understanding of the whole information system, including the system configuration, hardware, and software. The information system for any department of defense contains sensitive security information that can be exposed to vulnerabilities, risks, and threats. The need for risk assessment extends to understanding the operations security domain, so that architecture issues are addressed by applying appropriate controls and safeguard measures. Securing information systems starts with protecting information systems. In the operations security area, the risk assessment is described in terms of the system development routine. The main issues that risk assessment in the domain is concerned with include access control, confidentiality, availability and integrity. The special requirements for the risk assessment of the operations security field are risk control and security architecture models.
Security Architecture
The three security architecture models in the domain include access control, information flow, and integrity. One important aspect of access control in the operations security domain is cryptography, where the transmitted information can be accessed and read only by the intended person. The transmitted information is readable only by the intended individual through encryption of the ciphertext (Walsh, 2009). It is the only way of safeguarding the integrity and confidentiality of the transmitted data. The risk assessment factors include system feasibility, which incorporates the identification of information systems security requirements together with regulatory elements, security standards, and internal policies. The associated risks, vulnerabilities, and threats affect the operations security domain. It is the second stage of any development cycle, where software plans are made to facilitate completion of cost-benefit evaluation and analysis (Dougherty, 2010). It is the onset of planning the appropriate protection level. The other important aspect of operations security is product design, which entails planning security specifications such as encryption and access control provisions. The level of risk is thus determined by the intensity and the type of encryption required. In the security domain, the underlying risks to a security system can be mitigated quickly if there is proper monitoring of the security systems and software so as to determine any changes in the domain controls. The freshly discovered risks and vulnerabilities are assessed against the existing controls such that it is ...