StudyDaddy Business & Finance

Waiting for answer This question has not been answered yet. You can hire a professional tutor to get the answer.

QUESTION

ITM 527 Module 1 Case

Module 1 - Case

RISK ASSESSMENT

Assignment Overview

Information Systems have become the foundational platforms for many organizations and businesses to carry out their missions and business functions. Hence, managing the security risk related to the use and operation of the information systems has also become a critical component of managing organizational risks. The following article provides an overview of managing information security risk, especially from the managerial perspective.

NIST (2011), "Managing Information Security Risk -- Organization, Mission and Information System View," National Institute of Standards and Technology Special Publication 800-39.

Effective risk management of information system security first asks for systematic risk assessment. The following article provides frameworks, fundamentals, and processes for risk assessment. Matrix are also suggested to guide detailed risk assessment of threats, their likelihood, and impacts, etc.

NIST (2011). Information Security -- Guide for Conducting Risk Assessments. National Institute of Standards and Technology Special Publication 800-30 Revision 1.

The following chapter in the Handbook of Information Security Management also covers the similar topics such as the risk assessment of threats and likelihood, qualitative and quantitative considerations of risk assessment and even some accounting methods. Even speaking in slightly different languages, the fundamentals and methods are similar.

Ozier, W. Section 3-1—Risk Analysis. Handbook of Information Security Management.

Case Assignment

After reading the above articles (the first two are documentations with many pages, please selectively read the important content rather than read word-by-word), please write a 3-5 page paper titled:

"How to Systematically Conduct Risk Assessments of Information System Security Risks? -- Fundamentals and Methods"

Assignment Expectations

Please address the following issues in your paper:

  1. The importance of risk management for information system security
  2. The principles and fundamentals of risk management of information system security
  3. The importance and fundamentals of risk assessment of information system security
  4. The methods of risk assessments including processes, matrix, calculations, etc.
  5. The challenges and solutions to risk assessments that are particularly interesting to you
Show more
Related Questions:

Have a similar question?

Continue to edit or attach image(s).

New questions
Homework Categories
LEARN MORE EFFECTIVELY AND GET BETTER GRADES!
Ask a Question