Explain the process of risk identification, risk assessment, and the development of risk control strategies in designing security for an information management system.
Risk management is the set of regulations designed to protect the organization, its goals and its abilities from possible threats and hazards. Risk management helps risk managers develop an organizational security plan, and also gives them confidence and motivation. Risk security plans generally support the risk manager in developing the logical and actual strategies for identifying, assessing and controlling risks.
In the information industry, an organization defines its risk assessment process to make sure that data security complies with the proposed requirements. Different qualitative and quantitative methods are used to design the risk plan for the organization's applications and systems.
Risk Identification
Risk identification is the inspection and recording of the security posture of an institution. Identifying risk is the basic and key step of risk management, in information technology or in any other field. The risk management team must have a complete understanding of all the risks and threats the organization can meet now or in the future, and must be able to evaluate them. Evaluation means defining the vulnerability of the organization's resources that are open to the risk. This evaluation is done on the basis of the probability and the rate of the risk. The possible risks in information management security are data loss, unauthorized access, system failure, etc.
Risk Assessment
Risk assessment is defined as determining the extent to which resources are exposed to risk. In information security management, risk assessment means finding out how susceptible the organization's information assets are to threats and risks.
Risk analysis in an information technology system consists of assessing the vulnerabilities of the system that may result in future risks and threats. The process of risk assessment starts with determining the possible risks, goes on to the intensity of those risks, then to their effects, and ends at the possible solutions for them.
Risk assessments find the level of risk in information management security, and usually concern data loss through power failure, human error or any other means.
Development of Risk Control Strategies
Risk control is the controlling or limiting of those deficits in internal controls or in the information system that may result in unpredictable losses in the end. The strategies and tactics to control risks and threats in the information technology system are developed and implemented after the risks to the system have been identified and assessed. Risk control strategies start with risk management planning. A separate plan is developed for each risk; however, if two risks have the same handling procedure, then they are treated as a single risk.
What are some of the risk control strategies a company can employ to minimize risk?