Risk Identification and management is a very important activity of a project. To identify the risks associated with a business, it is necessary to assess the business activities. All the important services, assets, resources and factors affecting them should be considered carefully to identify the risks. Assessing the business activities will help in analysing the loopholes, if any, in the system and the threats & risks related to it.
The main risks associated with this project are mentioned below:
Server Breakdown: As stated in the requirement, there is a centralized management system which controls all the activities. In the worst case scenario, it can be assumed that the main server may broke-down. If this server breaks down then the software and all the required services will not be accessible. This will directly affects the regular activities of the system.
To control the affect of this threat, a backup system is required. A backup plan should be created in such a way so that a replica is created of the main server. In case of some issues, all the operations can be completed through the main server. All the activities will be routed to the backup server. Thus the regular activities will function as normal.
Identity theft: The system should be access protected. There are chances that the authorised employee may steal the important information and share the same with the rival organization. Or unauthorised employee gains the access to the important information by some means. As in this Information technology environment, all the information is stored in the computers in the digital form. So the chances of threats are also increased.
To control such activities, role based access rights policies should be accurately defined and implemented at the organization level. Logs should be created in an automated way and these files should be monitored carefully so that a check can be made on the suspicious activities. .
Hacking: There is a possibility of hacking as well. In this cyber-act the main system can be hacked by the hackers. This will allow the hackers to gain a complete control on the system. Important database files can be corrupted or deleted as an affect. Applications may not behave as required. This will affect the reputation of the organization.
To control such activities, firewalls should be implemented at appropriate places with respect to the main server. This will control the network traffic. Firewalls also help in monitoring of the suspicious activities. Network traffic form the suspicious IP can be blocked using the firewalls.
Virus Control: The server should be kept in a safe environment. Viruses can completely harm your system. It can occupy the main memory of the system thus making it unnecessary overloaded. Viruses can also destroy the applications and important files.
To control its effects, proper antivirus should be installed on the system. It should be updated at regular intervals so that it can take appropriate actions at the right time.
Monitoring of Risks
To monitor the known risks, log files can be created and based on its output various alarms can be triggered. For example, an alarm-mail notification and an alarming message can be triggered to the group of person, in case of some issues.