Information Security

Assessment Worksheet

Aligning Risks, Threats, and Vulnerabilities to COBIT P09 Risk Management Controls

Course Name and Number: _____________________________________________________
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________

Overview

In this lab, you defined COBIT P09, you described COBIT P09’s six control objectives, you explained how the threats and vulnerabilities align to the definition for the assessment and management of risks, and you used COBIT P09 to determine the scope of risk management for an IT infrastructure.

Lab Assessment Questions & Answers

1. What is COBIT P09’s purpose?

2. Name three of COBIT’s six control objectives.

3. For each of the threats and vulnerabilities from the Identifying Threats and Vulnerabilities in an IT Infrastructure lab in this lab manual (list at least three and no more than five) that you have remediated, what must you assess as part of your overall COBIT P09 risk management approach for your IT infrastructure?

4. True or false: COBIT P09 risk management control objectives focus on assessment and management of IT risk.

Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved. www.jblearning.com Student Lab Manual

5. What is the name of the organization that defined the COBIT P09 Risk Management Framework?

6. Describe three of the COBIT P09 control objectives.

7. Describe three of the COBIT P09.1 IT Risk Management Framework control objectives.