Essay Risk Assessment And Risk Management Plan

1188 Words Jan 31st, 2016 null Page
Gibson says, “A risk assessment (RA), also referred to as “Risk Analysis”, is a process used to identify and evaluate risk” (2015). It differs from Risk Management Plan (RMP) as RA is about classifying the risks quantitatively and qualitatively, but RMP is about avoiding and mitigating risks, threats and vulnerabilities.
Risk assessment is a subset of RMP. RA helps an organization to prioritize the risks based on their likelihood and degree of impact. RA is a very important instrument when an organization is trying to evaluate their risks, plan the control/solution and monitor their effectiveness. RA helps the management take well informed decision to neutralize the risks based on the quantitative numbers and qualitative factors. Once a control measure is implemented, another round of RA helps the management understand how effective are their control measures, whether they would need improvisation in the control measures or there has to be a completely new solution developed to mitigate the risk.

STEP 8 and 9: In your lab report file…..

SL.no Risks, Threats, ad Vulnerabilities Primary domain impacted Risk Impact/factor
1 Unauthorized access from public Internet WAN 2
2 User destroys data in application and deletes all files LAN 1
3 Hacker penetrates your IT infrastructure and gains access to your internal network System/Application 3
4 Intraoffice employee romance gone bad Workstation 3
5 Fire destroys primary data center System/Application 1
6 Service provider service…

Related Documents