Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

You are a business analyst participating in the risk assessment processfor your business. Senior management has devised the following Weighted Factor Analysis policy for the

You are a business analyst participating in the risk assessment processfor your business. Senior

management has devised the following Weighted Factor Analysis policy for the valuations of all

assets within the risk assessment process:

image text in transcribed

Additionally, your business uses a combination of quantitative and qualitative risk data points to

describe impact. The mappings between the qualitative labels and their quantitative settings are

as follows:

image text in transcribed

image text in transcribed

image text in transcribed

Information Asset Impact to Revenue Impact to Public Image 25 Weighted Score Criterion Weight 75 100 Very high 100% High 80% Moderate 65% Medium 50% Low 35% Very Low 20% As part of an overall risk assessment process, you are asked to assess risk in relation to two information assets. These assets have been identified by you as follows: An Electronic Data Interchange Logistics outbound (to supplier) data set. You have assessed that this document has a high impact on revenues earned by your business, and a medium business impact on the public image of your business. The most likely attack against this data set is insider abuse, and this is estimated to be 35% probable. The current controls in place to counter this attack are estimated to be 45% effective. You are 95% certain of your assumptions and data. A web server for the business organization is hosted by the organization's ISP. This server performs e-commerce transactions that have very high impact on revenues, and a very high impact on the public image of your business. The web server can be attacked by sending it invalid HTTP values. The likelihood of a single attack is estimated to be 0.25. A control has been implemented that reduces the impact of the vulnerability by 15%. You are 80% certain of your assumptions and data. a) Explain how you would calculate the asset valuations in the example above. Your answer should clearly explain all valuation criteria involved in the valuation. (4%) b) Calculate the relative risk for each of the two assets using the formula (3) from the presentation (Risk = likelihood * asset_value - % controlled + % uncertain). Which asset would you recommend for further security? You must show all working, and concisely list any assumptions you need to make. (6%)

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

More Books

Students also viewed these Accounting questions

Question

Which STDs are of the greatest concern among current young adults?

Answered: 1 week ago