Risk control strategies-risk management, Computer Network Security

Assignment Help:

Risk Control Strategies

Once the ranked vulnerability risk worksheet has created, they should choose one of following 4 strategies to control each risk:
•    Apply safeguards which eliminates/ reduce the remaining uncontrolled risks for the vulnerability.
•    Transfer risk to other areas /to outside entities.
•    Reduce impact should the vulnerability be exploited.
•    Understand consequences and accept risk (acceptance) without control/mitigation.

Avoidance
•    Attempts to avoid exploitation of vulnerability
•    Preferred approach; accomplished through countering threats, restricting asset access, removing asset vulnerabilities, and adding protective safeguards
•    Three basic methods of risk avoidance:
1 Application of policy
2 Training and education
3 Applying technology

Transference
•    Control approach which attempts to shift risk to other assets, or organizations
•    If lacking, organization should hire individuals/firms which provide security management and administration expertise
•    Organization may then transfer risk related with management of complex systems to another organization experienced in dealing with the risks.

Mitigation

•    Attempts to reduce the impact of vulnerability exploitation through planning and preparation

•    Approach includes 3 types of plans:

1 Incident response plan (IRP)

2 Disaster recovery plan (DRP)

3 Business continuity plan (BCP)’

Acceptance

•    Not doing anything to protect vulnerability and accepting outcome of its exploitation
•    Valid when the particular function, information, or asset doesn’t justify cost of protection
•    Risk appetite describes the degree to which the organization is willing to allow risk as trade off to the expense for applying the controls.


Related Discussions:- Risk control strategies-risk management

Need for security-information security, NEED FOR SECURITY Primary missio...

NEED FOR SECURITY Primary mission of information security to ensure that the systems and contents stay the same If no threats, could focus on improving the systems, resulting in

Summarises the firewall protocols, Your rules should ensure that Internet a...

Your rules should ensure that Internet access will be restricted to the following: Only the following services will be permitted as OUTBOUND traffic (to the Internet from the DM

Question, Describe the process a proposed standard goes through to become a...

Describe the process a proposed standard goes through to become an RFC

Sending an arp message, Normal 0 false false false EN-U...

Normal 0 false false false EN-US X-NONE X-NONE

Explain the concept of zero knowledge proofs, (a) Describe the concept of ...

(a) Describe the concept of zero knowledge proofs. Give a practical example. (b) Explain how a one way hash function works. (c) What are message authentication codes? (d)

Explain how can we achieved privacy in an e-mail system, Explain how can we...

Explain how can we achieved privacy in an e-mail system.  The full form of PEM is Privacy Enhanced Mail: PEM  is  the  internet  Privacy  Enhanced  Mail  standard  adopted

Ethical hacking penetration testing, Get a copy of Metasploitable at Make...

Get a copy of Metasploitable at Make">http://sourceforge.net/projects/metasploitable/files/Metasploitable2/ Make sure to follow these directions very carefully. You will get po

Draw a suitable physical network diagram, Question a) From the capture ...

Question a) From the capture below: Give the datagram source IP address, upper layer protocol, Total length in decimal and header checksum in hexadecimal; the segment source po

Issue specific security policy, Why an organization need the issue specific...

Why an organization need the issue specific security policy

Describe the function of a tap in wmns, Question: (a) A Wireless Mesh N...

Question: (a) A Wireless Mesh Network (WMN) is a communications network made up of radio nodes organized in a mesh topology. i. Describe the function of a TAP in WMNs. ii.

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd