Question
As part of a formal risk assessment on the use of laptops by employees of a large government department, you have identified the asset confidentiality
As part of a formal risk assessment on the use of laptops by employees of a large government department, you have identified the asset “confidentiality of personnel information in a copy of a database stored unencrypted on the laptop” and the threat “theft of personal information, and its subsequent use in identity theft caused by the theft of the laptop.” Suggest reasonable values for the items in the risk register for this asset and threat, and provide justifications for your choices.
Table 14.5 Risk Register
Asset | Threat/ Vulnerability | Existing Controls | Likelihood | Consequence | Level of Risk | Risk Priority |
Internet router | Outside hacker attack | Admin password only | Possible | Moderate | High | 1 |
Destruction of data center | Accidental fire or flood | None (no disaster recovery plan) | Unlikely | Major | High | 2 |
Step by Step Solution
3.45 Rating (165 Votes )
There are 3 Steps involved in it
Step: 1
One of the key aspects of organizational security policies is the security risk assessment The possible threats and vulnerabilities to the organization must be addressed before applying the safeguard ...
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Financial Accounting Information For Decisions
Authors: Robert w Ingram, Thomas L Albright
6th Edition
9780324313413, 324672705, 324313411, 978-0324672701
