Risk control strategies-risk management, Computer Network Security

Assignment Help:

Risk Control Strategies

Once the ranked vulnerability risk worksheet has created, they should choose one of following 4 strategies to control each risk:
•    Apply safeguards which eliminates/ reduce the remaining uncontrolled risks for the vulnerability.
•    Transfer risk to other areas /to outside entities.
•    Reduce impact should the vulnerability be exploited.
•    Understand consequences and accept risk (acceptance) without control/mitigation.

Avoidance
•    Attempts to avoid exploitation of vulnerability
•    Preferred approach; accomplished through countering threats, restricting asset access, removing asset vulnerabilities, and adding protective safeguards
•    Three basic methods of risk avoidance:
1 Application of policy
2 Training and education
3 Applying technology

Transference
•    Control approach which attempts to shift risk to other assets, or organizations
•    If lacking, organization should hire individuals/firms which provide security management and administration expertise
•    Organization may then transfer risk related with management of complex systems to another organization experienced in dealing with the risks.

Mitigation

•    Attempts to reduce the impact of vulnerability exploitation through planning and preparation

•    Approach includes 3 types of plans:

1 Incident response plan (IRP)

2 Disaster recovery plan (DRP)

3 Business continuity plan (BCP)’

Acceptance

•    Not doing anything to protect vulnerability and accepting outcome of its exploitation
•    Valid when the particular function, information, or asset doesn’t justify cost of protection
•    Risk appetite describes the degree to which the organization is willing to allow risk as trade off to the expense for applying the controls.


Related Discussions:- Risk control strategies-risk management

Explain the security service - confidentiality, Question: (a) Explain t...

Question: (a) Explain the following security services: Confidentiality, Availability. (b) Which attack will be used to bypass even the best physical and logical security m

Star topology, STAR TOPOLOGY In this topology, all devices are attache...

STAR TOPOLOGY In this topology, all devices are attached to a central point, which is sometimes known as the "Hub" as given in the diagram below.   Figure: An ideal

Future threats to network security and planning for those th, I need a help...

I need a help on how to write good assignment on the above topic

How to create a security policy, Five years ago, Calgary Kids' Cloth Ltd wa...

Five years ago, Calgary Kids' Cloth Ltd was just a small retail store in downtown Calgary. The company started their own factory in SE Calgary to produce outdoor clothes for kids.

Factors of informtion security, Confidentiality Confidentiality of inform...

Confidentiality Confidentiality of information ensures that only those with sufficient privileges may access specific information. When unauthorized individuals can access inform

Wan architecture and wan service, MegaCorp INC. is a large manufacturing f...

MegaCorp INC. is a large manufacturing firm that operates 5 factories in Dallas, 4  factories in Los Angeles, and 5 factories in Albany, New York.  It operates a tightly  connected

Define byte stuffing, Sometimes the special character may see in data and a...

Sometimes the special character may see in data and as a part of data they will be misinterpreted as packet data. The solution to this cause is Byte stuffing.   In general to

Identified issues in networks, The "Big Red Rocks" (BRR) mining company is ...

The "Big Red Rocks" (BRR) mining company is based and operates in Western Australia. They are primarily an iron ore miner, but they also produce electricity through tidal power to

Point to point transmission(ppp), Normal 0 false false fals...

Normal 0 false false false EN-US X-NONE X-NONE

Security and basics steps in writing thesis, how can i start thesis? Please...

how can i start thesis? Please mention so of examples?

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd