Question
4.[15marks] Lets do some risk analysis on Trent's information assets.Trent stores many types of about students and three of these are: identification information (name, address,
4.[15marks] Lets do some risk analysis on Trent's information assets.Trent stores many types of about students and three of these are: identification information (name, address, SIN, telephone numbers etc.), IT information (username, password, email services, etc.), and financial information (tuition, student loans, banking information,etc.)
a.[3marks] For EACH of the three types of information describe who would want to illegally access this type of information and why?
b.[3marks] Consider what the impact would be for EACH of the three types of information mentioned above if the information was improperly accessed or damaged. Is the impact Catastrophic (expose school to serious lawsuits, loss of reputation, and/or information cannot be recreated), Serious (some exposure to lawsuits, loss of reputation and/or information is expensive to recreate), or No Big Deal (small chance of lawsuits, information can easily be recreated). Be sure to justify your choice for each type of information.
c.[3 marks] Now consider what the likelihood is that EACH type of information could be accessed or damaged: not likely, moderately likely, very likely. Justify why you think the information fits in that category.
d.[6 marks] Now lets look at how we can manage the risk. Basic techniques are: avoiding the risk, modifying the risk (impact and/or likelihood), transferring the risk to others, and accepting the risk. What techniques would you use for EACH of the types of information and how would you implement it?
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started