Essay Available:
Pages:
1 pages/≈275 words
Sources:
3
Style:
APA
Subject:
Technology
Type:
Essay
Language:
English (U.S.)
Document:
MS Word
Date:
Total cost:
$ 5.4
Topic:
Critical business activities
Essay Instructions:
A security officer has been tasked with the responsibility to develop a risk assessment plan, but before this can be accomplished, it is necessary to identify critical business activities and processes that are used to help in determining risk exposure.
- Identify at least three documents that should be created or examined
- What would you look for to determine risks to the corporate information systems?
Essay Sample Content Preview:
CRITICAL BUSINESS ACTIVITIES
Name of student:
Date:
CRITICAL BUSINESS ACTIVITIES
Introduction
Risk management in information technology aims at protecting the integrity, confidentiality and the information availability in an organization. Regardless of the dimension in which data may take such as print or electronic all information in the organization is taken to be confidential which must be handled with care to avoid it from falling into the wrong hands. This paper will address the documents that must be created in examining risks and the controls you look for in managing risks (Anderson, 2006).
Documents used in examining risks
These include the user`s requirements, budget and the schedule. In risk determination, it is important that the security officer to establish the user`s requirements to be in a position to enable them understand the proposed project. Besides, a good schedule must be built to ensure proper implementation of the risk assessment. Moreover, it is important that preparation of a sound financial plan is necessary to ensure survival of the risk management plan. This ensures that risk assessment plan is up to date and is carried to completion (Aceituno, 2005).
Controls in risk determination process
In assessment of risks security officer may choose to reduce the risk by putting into consideration different types of controls. This includes; administrative controls, logical and physical controls. Administrative controls entail putting down written policies, guidelines, principles, standards and procedures in running the business and managing people. This forms a foundation in determining the physical and logical controls. On the other hand, logical controls entail application of software and information to track and monitor the content in the computing systems. This may involve use of passwords, host based fireworks, network and access control lists. Last but not least, physical controls takes care of the work place environment and facilities where access to and from such facilities is monitored (Dhillon, 2007).
In conclusion it is clear that...
Name of student:
Date:
CRITICAL BUSINESS ACTIVITIES
Introduction
Risk management in information technology aims at protecting the integrity, confidentiality and the information availability in an organization. Regardless of the dimension in which data may take such as print or electronic all information in the organization is taken to be confidential which must be handled with care to avoid it from falling into the wrong hands. This paper will address the documents that must be created in examining risks and the controls you look for in managing risks (Anderson, 2006).
Documents used in examining risks
These include the user`s requirements, budget and the schedule. In risk determination, it is important that the security officer to establish the user`s requirements to be in a position to enable them understand the proposed project. Besides, a good schedule must be built to ensure proper implementation of the risk assessment. Moreover, it is important that preparation of a sound financial plan is necessary to ensure survival of the risk management plan. This ensures that risk assessment plan is up to date and is carried to completion (Aceituno, 2005).
Controls in risk determination process
In assessment of risks security officer may choose to reduce the risk by putting into consideration different types of controls. This includes; administrative controls, logical and physical controls. Administrative controls entail putting down written policies, guidelines, principles, standards and procedures in running the business and managing people. This forms a foundation in determining the physical and logical controls. On the other hand, logical controls entail application of software and information to track and monitor the content in the computing systems. This may involve use of passwords, host based fireworks, network and access control lists. Last but not least, physical controls takes care of the work place environment and facilities where access to and from such facilities is monitored (Dhillon, 2007).
In conclusion it is clear that...
Get the Whole Paper!
Not exactly what you need?
Do you need a custom essay? Order right now: