Question
2- Andrea Worth, Manager, Finance, has just asked you whether you have conducted a risk assessment on the Finance systems (payroll, accounts receivable, accounts payable, email, etc.). What is the difference between IT risk and business risk?
3- List some of the threats to an IT system that supports Finance.
4- What are the reasons to implement separation of duties and how can this be done?
5- An asset is worth $10,000. The likelihood of an attack is once every two years with an expected impact of 80% damage. The risk acceptance level is $2000. A control that would reduce the risk to $1000 per event is available at an annual cost of $4000. Should the company implement the control? Calculate SLE, ARO and ALE. Then calculate residual risk once the control is implemented.
6- XYZ Network Solutions has contractual agreements (Service Level Agreements) with its customers and regulatory requirements that require it to maintain certain levels of network and service availability. How should these factors be addressed in the risk assessment? Should this be calculated as a quantitative or qualitative risk assessment?