Risk control strategies-risk management, Computer Network Security

Assignment Help:

Risk Control Strategies

Once the ranked vulnerability risk worksheet has created, they should choose one of following 4 strategies to control each risk:
•    Apply safeguards which eliminates/ reduce the remaining uncontrolled risks for the vulnerability.
•    Transfer risk to other areas /to outside entities.
•    Reduce impact should the vulnerability be exploited.
•    Understand consequences and accept risk (acceptance) without control/mitigation.

Avoidance
•    Attempts to avoid exploitation of vulnerability
•    Preferred approach; accomplished through countering threats, restricting asset access, removing asset vulnerabilities, and adding protective safeguards
•    Three basic methods of risk avoidance:
1 Application of policy
2 Training and education
3 Applying technology

Transference
•    Control approach which attempts to shift risk to other assets, or organizations
•    If lacking, organization should hire individuals/firms which provide security management and administration expertise
•    Organization may then transfer risk related with management of complex systems to another organization experienced in dealing with the risks.

Mitigation

•    Attempts to reduce the impact of vulnerability exploitation through planning and preparation

•    Approach includes 3 types of plans:

1 Incident response plan (IRP)

2 Disaster recovery plan (DRP)

3 Business continuity plan (BCP)’

Acceptance

•    Not doing anything to protect vulnerability and accepting outcome of its exploitation
•    Valid when the particular function, information, or asset doesn’t justify cost of protection
•    Risk appetite describes the degree to which the organization is willing to allow risk as trade off to the expense for applying the controls.


Related Discussions:- Risk control strategies-risk management

Secure a wireless network, Secure a Wireless Network WIRELES Most onli...

Secure a Wireless Network WIRELES Most online retailers provide some type of privacy statement. Many statements are long, and appear in small print, and many appear to be simi

Short term scheduler, Short term Scheduler function , also shown as a disp...

Short term Scheduler function , also shown as a dispatcher runs most frequently, and creates the finest-grained decision of which program could run next. This scheduler is called

Securities Issues in a company, 'Near Field Communication' (NFC) technologi...

'Near Field Communication' (NFC) technologies are expected to become commonplace in the near future. Some relevant features are these: A suitable device (such as a mobile pho

Explain security, W h a t do you understand by the terms security, netwo...

W h a t do you understand by the terms security, network security and information security? How network security and information security are connected? Security can be def

Web accessibility initiative standards, Australian government sites were ma...

Australian government sites were mandated to conform to at least single 'A' level of the World Wide Web Consortium (W3C) Web Accessibility Initiative (WAI) standards, by the end of

Draw the full network diagram, Problem (a) Below is a capture of an E...

Problem (a) Below is a capture of an Ethernet II frame which contains an IPv4 packet and a TCP segment. The second screen capture is from the data portion of the frame.

Classification of networks, Computer networks are defined by four factors w...

Computer networks are defined by four factors which are as given below: 1) NETWORK SIZE: According to the size of networks. 1) Local Area Network ( LAN) 2) Wide Area Ne

Threat identification-risk management, Threat Identification After ident...

Threat Identification After identifying and performing a primary classification of an organization’s information assets, the analysis phase moves onto an examination of threats

Write a note on digital signature, Question 1 Explain the types of threats...

Question 1 Explain the types of threats (Attacks) Question 2 What are the Characteristics of Good Encryption Technique? Question 3 Write a note on Digital Signatur

Routing protocol for a banking network, You have been asked to design a Ban...

You have been asked to design a Banking Network with two primary types of locations.  Branches that will have 3 subnets, one /25 subnet one /26 subnet for ABMS and one /26 s

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd