Risk control strategies-risk management, Computer Network Security

Risk Control Strategies

Once the ranked vulnerability risk worksheet has created, they should choose one of following 4 strategies to control each risk:
•    Apply safeguards which eliminates/ reduce the remaining uncontrolled risks for the vulnerability.
•    Transfer risk to other areas /to outside entities.
•    Reduce impact should the vulnerability be exploited.
•    Understand consequences and accept risk (acceptance) without control/mitigation.

Avoidance
•    Attempts to avoid exploitation of vulnerability
•    Preferred approach; accomplished through countering threats, restricting asset access, removing asset vulnerabilities, and adding protective safeguards
•    Three basic methods of risk avoidance:
1 Application of policy
2 Training and education
3 Applying technology

Transference
•    Control approach which attempts to shift risk to other assets, or organizations
•    If lacking, organization should hire individuals/firms which provide security management and administration expertise
•    Organization may then transfer risk related with management of complex systems to another organization experienced in dealing with the risks.

Mitigation

•    Attempts to reduce the impact of vulnerability exploitation through planning and preparation

•    Approach includes 3 types of plans:

1 Incident response plan (IRP)

2 Disaster recovery plan (DRP)

3 Business continuity plan (BCP)’

Acceptance

•    Not doing anything to protect vulnerability and accepting outcome of its exploitation
•    Valid when the particular function, information, or asset doesn’t justify cost of protection
•    Risk appetite describes the degree to which the organization is willing to allow risk as trade off to the expense for applying the controls.

Posted Date: 10/8/2012 6:44:24 AM | Location : United States







Related Discussions:- Risk control strategies-risk management, Assignment Help, Ask Question on Risk control strategies-risk management, Get Answer, Expert's Help, Risk control strategies-risk management Discussions

Write discussion on Risk control strategies-risk management
Your posts are moderated
Related Questions
what is the guaranteed quality of this coursework? how many days it take for 10-12 pages? how much will be? thanks

Problem 1: List measurable entities on which the quality of service in a data communication network depends Problem 2: Show the features of a typical Network Management

Security Clearances For a security clearance in organizations each data user should be assigned a single level of authorization indicating classification level. Before approachi

(a) Explain the importance of the Euler Totient function in Cryptography. Calculate Euler Totient function value, φ(1280). (b) Explain the role of the Authentication Server (

You are designing a Demilitarized zone for a large corporation. Using design best practice, and the information that you have learned so far, propose a design that will provide the

Risk Control Strategies Once the ranked vulnerability risk worksheet has created, they should choose one of following 4 strategies to control each risk: •    Apply safeguards wh

Q. Analysis of the Problem of cyber attack? According to the case, The EZ Company is a prominent organization specialized in information integration and visualization technolog

Protocols for Secure Communications Securing Internet Communication by using S-HTTP and SSL Secure Socket Layer (SSL) protocol is a protocol that uses public key encryption t

COLLISION DETECTION The signals from two devices will interfere with each other and the overlapping of frames is known a collision. It does not cause to the hardware but data

Question: (a) What do you meant by the term diffusion and confusion? Explain how diffusion and confusion can be implemented. (b) Distinguish between authorisation and auth