Risk control strategies-, Computer Network Security

Risk Control Strategies

Once the ranked vulnerability risk worksheet has created, they should choose one of following 4 strategies to control each risk:
•Apply safeguards which eliminates/ reduce the remaining uncontrolled risks for the vulnerability.
•Transfer risk to other areas /to outside entities.
•Reduce impact should the vulnerability be exploited.
•Understand consequences and accept risk (acceptance) without control/mitigation.

•Attempts to avoid exploitation of vulnerability
•Preferred approach; accomplished through countering threats, restricting asset access, removing asset vulnerabilities, and adding protective safeguards
•Three basic methods of risk avoidance:
-Application of policy
-Training and education
- Applying technology


•Control approach which attempts to shift risk to other assets, or organizations
•If lacking, organization should hire individuals/firms which provide security management and administration expertise
•Organization may then transfer risk related with management of complex systems to another organization experienced in dealing with the risks.


•Attempts to reduce the impact of vulnerability exploitation through planning and preparation

•Approach includes 3 types of plans:
-Incident response plan (IRP)
-Disaster recovery plan (DRP)
-Business continuity plan (BCP)’


•Not doing anything to protect vulnerability and accepting outcome of its exploitation
•Valid when the particular function, information, or asset doesn’t justify cost of protection
•Risk appetite describes the degree to which the organization is willing to allow risk as trade off to the expense for applying the controls.

Posted Date: 10/9/2012 2:14:54 AM | Location : United States

Related Discussions:- Risk control strategies-, Assignment Help, Ask Question on Risk control strategies-, Get Answer, Expert's Help, Risk control strategies- Discussions

Write discussion on Risk control strategies-
Your posts are moderated
Related Questions
Selecting a Risk Control Strategy Risk controls involve selecting one of the 4 risk control strategies for every vulnerability. The flowchart is shown in the figure given below

QUESTION (a) Illustrate the term file carving. (b) What are the basic three main techniques for image steganography? (c) Distinguish between vector graphics and raster

You have been asked to design a Banking Network with two primary types of locations.  Branches that will have 3 subnets, one /25 subnet one /26 subnet for ABMS and one /26 s

ERROR REPORTING MECHANISM (ICMP) INTRODUCTION:  IP gives best-effort delivery. Delivery causes can be ignored; datagrams may be 'dropped on the ground'. Internet Control Me

REASON FOR MULTIPLE TOPOLOGIES Every topology has disadvantages and advantages, which are described below: IN A RING:  It is simple to coordinate access to other dev

what is relation ship between computer security goals?

Question: a) You are using Active Directory Users under Windows Server 2003 and Computers to configure user objects in your domain, and you are able to change the address and

Problem: (a) What do you meant by Network Address Translation (NAT)? Why is it used? (b) Given the following information by your ISP about your newly acquired Frame Relay c

Question: (a) Besides privacy, what other security functions does Pretty Good Privacy (PGP) provides? (b) What is the Post Office Protocol (POP) used for? Why is it impo

According to the case, The EZ Company introduced a new technology, focusing on the principles of informationintegration and visualization. The company started negotiatinga saleto a