Question
Total Marks: 100 Assignment 1: Risk computation and identifying strategies to secure information and assets In this assignment, you are responsible for managing an email
Total Marks: 100
Assignment 1: Risk computation and identifying strategies to secure information and assets
In this assignment, you are responsible for managing an email server for an IT organization. The email server can be considered connected with Internet 24/7, stores critical emails of all employees, need 24/7 to upkeep the business. Consider the server is geographically located in a city which has higher chance of earthquake, has very little rain, has small population with high standard health care system, very peaceful and quite place where citizens have safety and security assured. The organization has shortage of anti-virus software, and personnel to deal with security risks. You need to assign probability range between 0 and 1, and impact between scale 1 to 10. See the defined two tables below:
| Level | Probability |
| Low | 0.0 to 0.39 |
| Medium | 0.40 to 0.50 |
| High | >0.50 |
| Level | Impact |
| Low | 1.0 to 3.99 |
| Medium | 4.00 to 5.00 |
| High | 5.01 to 10.00 |
Part A: [70 Marks]
Now fill out the following worksheet that is obtained from
http://searchdisasterrecovery.techtarget.com/Risk-assessments-in-disaster-recovery-planning-A-free-IT-risk-assessment-template-and-guide
Your Task is to assign probability of threat and impact level based on the description above and using your own discretion, followed by computing risk. For convenience, the first row is shown:
Risk analysis worksheet (Range of 0.0 to 1.0 for P and I)
| Threat | Probability (P) | Impact (I) | Risk = P x I |
| Flooding Internal [low, low] | 0.1 | 2 | 0.2 |
| Flooding External [???, ???] |
|
|
|
| Fire Internal |
|
|
|
| Fire External |
|
|
|
| Severe Storms |
|
|
|
| Wind Storm |
|
|
|
| Earthquake |
|
|
|
| Tornado |
|
|
|
| Hurricane |
|
|
|
| Snow Storm |
|
|
|
| Ice Storm |
|
|
|
| Hail |
|
|
|
| Drought |
|
|
|
| Tsunami |
|
|
|
| Mud Slide |
|
|
|
| Epidemic |
|
|
|
| Pandemic |
|
|
|
| Explosion |
|
|
|
| Gas Leak |
|
|
|
| Structural Failure, e.g., Bridge Collapse |
|
|
|
| IT System Software |
|
|
|
| IT Applications |
|
|
|
| IT Hardware |
|
|
|
| IT Viruses |
|
|
|
| IT Hacking, Unauthorized Intrusions |
|
|
|
| IT Communications, Connectivity |
|
|
|
| IT Vendor Failure |
|
|
|
| IT Operational (Human) Error |
|
|
|
| Terrorism Biological |
|
|
|
| Terrorism Chemical |
|
|
|
| Terrorism Radiological |
|
|
|
| Terrorism Nuclear |
|
|
|
| Sabotage |
|
|
|
| Bomb Threat |
|
|
|
| Criminal Theft |
|
|
|
| Criminal Break-ins |
|
|
|
| Criminal Vandalism |
|
|
|
| Criminal Espionage |
|
|
|
| Work Action, Strike |
|
|
|
| Civil Disorder |
|
|
|
| Human Error |
|
|
|
| Other |
|
|
|
Part B: [15 Marks]
After computing risk, list the top five threats based on your computation.
Part C: [15 Marks]
Could you suggest some protective measures or mitigation approaches to reduce these top five threats? Use your discretion.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Advances In Spatial And Temporal Databases 10th International Symposium Sstd 2007 Boston Ma Usa July 2007 Proceedings Lncs 4605
Authors: Dimitris Papadias ,Donghui Zhang ,George Kollios
2007th Edition
3540735399, 978-3540735397
