Risk control strategies-risk management, Computer Network Security

Risk Control Strategies

Once the ranked vulnerability risk worksheet has created, they should choose one of following 4 strategies to control each risk:
•    Apply safeguards which eliminates/ reduce the remaining uncontrolled risks for the vulnerability.
•    Transfer risk to other areas /to outside entities.
•    Reduce impact should the vulnerability be exploited.
•    Understand consequences and accept risk (acceptance) without control/mitigation.

•    Attempts to avoid exploitation of vulnerability
•    Preferred approach; accomplished through countering threats, restricting asset access, removing asset vulnerabilities, and adding protective safeguards
•    Three basic methods of risk avoidance:
1 Application of policy
2 Training and education
3 Applying technology

•    Control approach which attempts to shift risk to other assets, or organizations
•    If lacking, organization should hire individuals/firms which provide security management and administration expertise
•    Organization may then transfer risk related with management of complex systems to another organization experienced in dealing with the risks.


•    Attempts to reduce the impact of vulnerability exploitation through planning and preparation

•    Approach includes 3 types of plans:

1 Incident response plan (IRP)

2 Disaster recovery plan (DRP)

3 Business continuity plan (BCP)’


•    Not doing anything to protect vulnerability and accepting outcome of its exploitation
•    Valid when the particular function, information, or asset doesn’t justify cost of protection
•    Risk appetite describes the degree to which the organization is willing to allow risk as trade off to the expense for applying the controls.

Posted Date: 10/8/2012 6:44:24 AM | Location : United States

Related Discussions:- Risk control strategies-risk management, Assignment Help, Ask Question on Risk control strategies-risk management, Get Answer, Expert's Help, Risk control strategies-risk management Discussions

Write discussion on Risk control strategies-risk management
Your posts are moderated
Related Questions
PARSING IPv6 HEADERS Base header is fixed in size i.e. 40 octets. NEXT HEADER field in the base header describe kind of header and it seems at end of fixed-size base header. S

every time i connect to WIFI the UC goes directly to 100% then i doesn''t want to come down. what shall i do ?

Question : Environmental Accounting is a means for businesses to fulfill their responsibilities for accountability to stakeholders. (a) What do you understand by Environment

IDS Intrusion is a attack on information assets in which instigator attempts to gain entry into or disrupt normal system with harmful intent Incident response is an identificatio

Feasibility Studies Before deciding on strategy, all information of economic or non economic consequences of vulnerability of information asset should be explored. A number of w

What is one-time pad for encryption?  Describe how it offers both Confusion and Diffusion. Using the letter encoding discussed in class (along with one-time

Many applications are vulnerable to intrusion attacks and can provide misleading reports about misbehaving nodes. Some of the mechanisms under such a category include the Bayesian

Techniques for combating Spam mails Many anti spam products are commercially available in market. But it should also be noted that no  one technique is a complete solution to

how would land elevation have canged if coronado had traveled 150 miles due west from what is today arizona instead of west toward new mexico

Question: (a) What is the main security vulnerability of IPv4? (b) Which protocol can be used for secure remote login? (c) Distinguish between the transport and tunnel