Chapter 4 Risk Management

1329 words 6 pages
Show More
Chapter 4 - Risk Management

1. What is risk management? Why is identification of risks, by listing assets and their vulnerabilities, so important to the risk management process? Risk management is the process of identifying risk, as represented by vulnerabilities, to an organization’s information assets and infrastructure, and taking steps to reduce this risk to an acceptable level. Each of the three elements in the C.I.A. triangle, introduced in Chapter 1, is an essential part of every IT organization’s ability to sustain long-term competitiveness. When an organization depends on IT-based systems to remain viable, information security and the discipline of risk management must become an integral part of the economic basis for making …show more content…

The vulnerabilities identified by most of these tools extend beyond software defects (which are fixed by patching) to include other easily exploitable vulnerabilities, such as unsecured accounts, misconfigurations and even back doors. There are several types of assessment tools available.
Although these tools have general similarities, they can vary in the methods and processes they employ to identify vulnerabilities. As a best practice, you shouldn't rely on a single assessment tool but should use different tools to gain a broader perspective of their exposure to vulnerabilities. Open-source or shareware assessment tools are available online and can be used to supplement commercial scanners

11. What is competitive disadvantage? Why has it emerged as a factor? Competitive disadvantage is the state of falling behind the competition. It has emerged as a factor because business which do not stay on the cutting edge of IT can quickly fall behind the competition, given the current fast pace of technological advances.
12. What are the strategies from controlling risk as described in this chapter? The four risk control strategies are avoidance, transference, mitigation and acceptance.
13. Describe the “defend” strategy. List and describe the three common methods. The strategy of avoidance involves applying controls that eliminate or reduce the remaining

Related

  • Information Technology Project Management Appendix Answers
    19468 words | 78 pages

    Information Technology Project Management, Sixth Edition ISBN-10: 0324786921 ISBN-13: 9780324786927 Course Technology MIS Series Companion Web Site: www.cengage.com/mis/schwalbe Kathy Schwalbe, Ph.D., PMP Table of Contents CHAPTER 1 CHAPTER 2 CHAPTER 3 CHAPTER 4 CHAPTER 5 CHAPTER 6 CHAPTER 7 CHAPTER 8 CHAPTER 9 CHAPTER 10 CHAPTER 11 CHAPTER 12 APPENDIX A APPENDIX B APPENDIX C List of solution files available and referenced in this document, in alphabetical order: 2 4 6 7 14 20 24 29 32 35 37….

    Show More
  • Sony Corporation in the New Decade
    2059 words | 9 pages

    Student-ID-Mainz: 905202 Student-ID-London: 3000235 Lecturer: Prof. Randolf Schrank Unit: International Strategy Words: 2041 CHAPTER 1 INTRODUCTION Sony has successfully created an incredible brand name. It is all about high-technology, innovative products and state of the art gadgets. Sony was founded after post-war of Japan 1946 by two innovative thinkers Masaru Ibuka and….

    Show More
  • Healthcare Finance Chapter 1 and 2
    2342 words | 10 pages

    Chapter 1- Question and Answers 1.1 a. What are some of the industries in the healthcare sector? Some of the industries in the healthcare sector are health insurance, pharmaceuticals and biotechnology, medical equipment and supplies and health services. Others include education institutions, government and private research agencies. b. What is meant by the term healthcare finance as used in this book? Healthcare finance is a term used in this book to describe accounting and financial….

    Show More
  • Hih Insurance Limited
    2734 words | 11 pages

    Case One — Solutions HIH Insurance Limited: Inherent Risk Assessment, Legal Liability, Ethics and Audit Reports The case can be used either progressively through the course using questions relating to chapters as they are taught or as a consolidating case at the end of the course. Where possible, students should be encouraged to concurrently research information in the press relating to HIH while they undertake the case. Clearly, the points for discussion may change as further information becomes….

    Show More
  • Running Your Own Mnc
    4416 words | 18 pages

    EXECUTIVE SUMMARY 2 CHAPTER 1: COMPANY PROFILE 3 CHAPTER 2: ASSESSMENT OF COUNTRY FACTORS 5 Factors Affecting Balance of Trade between United States and Maldives 5 Import Controls in Maldives 7 CHAPTER 3: USING THE FOREIGN EXCHANGE MARKET 8 The Spot Market 8 Analysis of USD/MVR Cross Rate for the Last 1 Month, 3 Months and Last Year 9 CHAPTER 4: USE OF FORWARDS AND FUTURES MARKET 11 Analysis of Future Price Vs Spot Rate 12 CHAPTER 5: USING CURRENCY OPTIONS 13 CHAPTER 6: MONITORING CENTRAL….

    Show More
  • Industry Standards - Health & Safety
    3380 words | 14 pages

    Representative, proper systems are put into place to ensure maximum safety and minimum risk. Research was carried using the wealth of information available from the Health and Safety Authority (HSA), and this was used, with real life examples to highlight the importance of carefully….

    Show More
  • Self Case - Student Educational Loan Fund, Inc.
    6119 words | 25 pages

    Program: Master of Management Course: Risk Management Tutor: Mrs. Erni Ekawati, PhD. Title: Case 2: Analysis of Options Subtitle: Student Educational Loan Fund, Inc. Date: November 17, 2008 Place: Yogyakarta Authors: Martin Koopman Doddy Handaryadi Anindito Prabowo Gumirlang Wicaksono Introduction This report describes the situation which Rick Melnick faces in the fall of 1995, when assuming the responsibilities as Associate Director of Financial Management at Harvard Business….

    Show More
  • Application of Project Management Tools on the City School's Erp Project
    12943 words | 52 pages

    Table of Contents Acknowledgement Executive Summary Chapter 01: Introduction 5 1.1 Introduction to the Company 5 1.2 Mission Statement 6 1.3 Organization Chart 6 1.4 Role of Regional Office 7 1.5 Hierarchy of the System 9 1.6 Hierarchy at the Regional Office 9 1.7 Introduction to the Project 9 1.8 Current Financial Status of the Project 10 1.9 Activities 10 1.10 Current Activities 11 1.11 Vendor 11 1.12 Authorization/Personnel Involved 12 1.13 Duration of Tasks 12 1.14….

    Show More
  • The Entrpreneurship
    5924 words | 24 pages

    SECTION I. Chapter 1 THE CHALLENGE OF ENTREPRENEURSHIP The Foundations of Entrepreneurship ——————————————————————————————————————————————————————————————————————— Part One: Learning Objectives 1. Define the role of the entrepreneur in business in the United States and around the world. 2. Describe the entrepreneurial profile and evaluate your potential as an entrepreneur. 3. Describe the benefits and drawbacks of entrepreneurship. 4. Explain the forces that drive the growth in entrepreneurship….

    Show More
  • Fins1612 Final Exam 2006
    4792 words | 20 pages

    8. Superannuation funds that aim at delivering a longer term income stream and capital appreciation by acquiring a diversified asset portfolio across a wider risk spectrum are classified as: A: managed growth funds B: capital guaranteed funds C: balanced growth funds D: capital stable funds. 9. The financial institution that pools funds for individuals and then invests them in both the money….

    Show More

Popular Essays