Premium Essay

Risk Assessement Plan

In:

Submitted By bbbenny
Words 695
Pages 3
Risk Assessment Plan | IS3110 | | | 11/7/2013 |

[Type the abstract of the document here. The abstract is typically a short summary of the contents of the document. Type the abstract of the document here. The abstract is typically a short summary of the contents of the document.] |

Risk Assessment Plan A.) Identify key personnel- Involved personnel are CEO, CRO, and CITO. B.) Identify assets – Determined assets are hardware, software, systems, and data. C.) Identify threats- This will identify threats that are a potential danger to data, hardware, and systems D.) Identify vulnerabilities- The process to identify is by implementing and assessment and once identified a penetration test will be implemented E.) Identify and evaluate countermeasures- Identified risks will be counter measured to reduce the risk. F.) Assess threats vulnerabilities, and exploits- Test will be implemented to reduce the threat and help identify the problem. G.) Evaluate risks- The counter measure will be implemented to reduce the impact of the threat. H.) Develop recommendations to mitigate risks- Data taken will be used to reduce the threat and evaluate it. I.) Present recommendations to management- Threats and vulnerabilities and the risk that impacts will be presented.

Key Personnel
The personnel involved in making the key decisions will be the CEO, CRO, and CITO. No other personnel other than the above mention will play in a role in any of the risk management planning.
Assets
Assets identified will be determined accordingly. The value will be determined from the replacement value asset. It can be determine by what this asset provides to the organization and the cost to recover the asset. Assets can be systems access, system functions, hardware assets, software assets, personnel assets, data, and information assets.
Threats
The

Similar Documents

Premium Essay

Business Paper

...Business and Commercial Awareness ------------------------------------------------- MODULE CODE: 6FBS1261MODULE LEADER: Mr. Neil GodfreyImplementation PlanMember: Jenna Julien                      ID NUMBER: 13028960Programme Delivered by:CTS College of Business and Computer Science Ltd.Submission Date: 07/01/2013Final Word Count:1302(Excluding, Table of Contents, Tables & References) | Table of Contents Section 1.0 1 OVERVIEW OF INVESTMENT AND IMPACT ON FINANCIAL DEPARTMENT: 1 Section 2.0 2 LINKAGES WITH OTHER DEPARTMENTS: 2 Section 3.0 3 MILESTONES AND TIME PLAN FOR FINANCIAL ACTIVITIES: 3 Section 4.0 4 RISK MANAGEMENT PLAN: 4 TABLE 1: Showing Risk Plan for Implementation Plan 5 TABLE 2: Showing Risk Assessment for Implementation Plan 5 Section 5.0 6 FINANCIAL OVERVIEW OF INVESTMENT: 6 COST-PLAN 6 TABLE 3: SHOWING DETAILED EXPENSE ACCOUNT 7 TABLE 4: SHOWING TOTAL PROJECTED YEARLY INCOME 8 TABLE 5: SHOWING PROJECTED COST-INCOME RATIO 8 TABLE 6: SHOWING TOTAL FORECASTED PROFITS 8 TABLE 7: SHOWING PROJECTED PROFIT-INCOME RATIO 9 TABLE 8: SHOWING PROJECTED BREAK-EVEN PERIOD FOR 9 Section 6.0 10 RESOURCE REQUIREMENTS BY THE FINANCE DEPARTMENT: 10 Section 7.0 11 KEY PERFORMANCE INDICATORS 11 Section 8.0 12 REFERENCES 12 Section 1.0 OVERVIEW OF INVESTMENT AND IMPACT ON FINANCIAL DEPARTMENT: The 3 star new build in Rio de Jainero, Brazil was chosen as the best investment idea by our syndicate...

Words: 2601 - Pages: 11

Premium Essay

Communication Product

...RESULTS-BASED PUBLIC SECTOR MANAGEMENT A Rapid Assessment Guide PLAN EVALUATE BUDGET RESULTS MONITOR IMPLEMENT i RESULTS-BASED PUBLIC SECTOR MANAGEMENT A Rapid Assessment Guide © 2012 Asian Development Bank All rights reserved. Published in 2012. Printed in the Philippines ISBN 978-92-9092-838-6 (Print), 978-92-9092-839-3 (PDF) Publication Stock No. TIM124978 Cataloging-In-Publication Data Asian Development Bank    Results-based public sector management: A rapid assessment guide. Mandaluyong City, Philippines: Asian Development Bank, 2012. 1. Managing for development results   2. Results-based management    3. Public sector.   I. Asian Development Bank. The views expressed in this publication are those of the authors and do not necessarily reflect the views and policies of the Asian Development Bank (ADB), its Board of Governors, or the governments they represent. ADB does not guarantee the accuracy of the data included in this publication and accepts no responsibility for any consequence of their use. By making any designation of or reference to a particular territory or geographic area, or by using the term “country” in this document, ADB does not intend to make any judgments as to the legal or other status of any territory or area. ADB encourages printing or copying information exclusively for personal and noncommercial use with proper acknowledgment of ADB. Users are restricted from reselling, redistributing, or creating...

Words: 5265 - Pages: 22

Premium Essay

Risk Management Plan for Defense Logistics Information Service

...Risk Management Plan for Defense Logistics Information Service 1. PURPOSE This Risk Management Plan is an overall look at how Defense Logistics Information Service can protect it’s data. The implication of lost confidential government data is the primary cause for this plan, and will be treated with the utmost importance. 2. GUIDING PRINCIPLES This plan will be presented through a formal, written, written risk management, and security safety program. The Security Safety and Risk Management Program supports the DLIS philosophy that government safety and risk management is everyone’s responsibility. Teamwork and participation among management, providers, and staff are essential for an efficient and effective patient safety and risk management program. The program will be implemented through the coordination of multiple organizational functions and the activities of multiple departments. DLIS supports the establishment of such clauses and best practices. An in depth look at mistakes made and ways we can learn from them will be at the forefront of out investigation. Constructive feedback will play a large part as well. In a just culture, unsafe conditions and hazards are readily and proactively identified, mistakes are openly dicussed, and suggestions for systematic improvements are welcomed. Individuals are still held accountable for compliance with safety and risk management practives. As such, if evaluation and investigation of an error or even reveal reckless behavior...

Words: 829 - Pages: 4

Premium Essay

Recognizing and Minimizing Tort and Regulatory Risk Plan

...Regulatory Risk Plan Recognizing and Minimizing Tort and Regulatory Risk Plan LAW/531 September 29, 2010 Introduction Alumina, Inc. makes aluminum products and has revenues of over $4 Billion Dollars. The company is based in the United States (US) with operations in eight other countries around the world. The US accounts for 70% of Alumina’s market share. Alumina has business interests in automotive components and manufacture packaging materials, bauxite mining, and Alumina refining and smelting. The company falls under the jurisdiction of Region 6 of the Environmental Protection Agency (EPA) (University of Phoenix, 2010). Recognizing and Minimizing Tort and Regulatory Risk Plan Companies and organizations such as Alumina, Inc. have corporate governances that require them to operate their businesses under government rules, regulations and boundaries. The rules and regulations have been authorized and enacted by major legislation, which are enacted by Congress and enforceable by laws. Minimizing the risk of tort liability is the goal of every organization and company. Five years ago Alumina was in violation of environmental discharge norms in a routine EPA compliance evaluation inspection. The EPA ordered a cleaned up and Alumina complied right away. Now, the case of negligence starts. The government places a high level the importance on the preservation of the environment and enforces environmental regulations. Alumina has to come up with a risk management...

Words: 1581 - Pages: 7

Premium Essay

Improving Security Through Layed Security

...innovate, collaborate, and achieve competitive advantages. The security approach that many organizations have been forced to take in the past have been a reactive approach rather than viewing information security as a business enabler they see it as a inhibitor, designed to prevent bad things from happening. The problem with this is that good efforts in one area can be quickly nullified by failures in another. To help with its security transformation, Global called upon the expertise of CIS, its own security division, CIS’s information risk management strategy brings together, within a global framework, all the components that an organization needs to plan and implement an end-to-end approach for protecting a business’s most critical information assets. Looking a compliance you have to understand that there are certain laws that apply to financial data. The question at hand is looking at reporting from a unsecure network. Bringing in a risk team will first a foremost put that to a stop, finance data should not be reported over unsecured networks, this can a violation of compliance law by letting information out be that either non encrypted or passing it along where it is vulnerable. Assuring the integrity and security of personal information held by banks, insurance...

Words: 1132 - Pages: 5

Premium Essay

Ethics

...Creating and Maintaining an Effective Ethics and Business Conduct Program About DII The Defense Industry Initiative on Business Ethics and Conduct (DII) is an organization comprised of companies that provide systems, professional services, weapons, technology, supplies and construction to the U.S. Department of Defense. DII Signatory Companies are united in their commitment to adopt and implement the highest standards of business ethics and principles of conduct that acknowledge and address their organizational responsibilities under federal procurement policy and law. DII seeks to promote and nurture a culture of ethical conduct within every company in the defense industry. DII members, and the CEOs of every DII company, must abide by DII’s core principles. The DII Principles, updated in March 2010, state: We, the members of the Defense Industry Initiative on Business Ethics & Conduct (DII), affirm our commitment to uphold the highest ethical standards in all our business dealings with the government, as expressed through the following principles: 1. We shall act honestly in all business dealings with the U.S. government, protect taxpayer resources and provide high-quality products and services for the men and women of the U.S. Armed Forces. 2. We shall promote the highest ethical values as expressed in our written codes of business conduct, nurture an ethical culture through communications, training, and other means, and comply with and honor...

Words: 3046 - Pages: 13

Premium Essay

Penetration Test vs. Vulnerability Assessment

...Assessment Ø Penetration testing ensures you that your network will not be penetrated by malicious users. Ø Vulnerability Assessment gives an organization the ability to identify potentials for intrusion to their network. Ø Penetration test are more intrusive Reason for Assessement Ø Identify the vulnerability Ø Quantify the vulnerability Ø Prioritizing the vulnerability Internal vs. External Ø Internal assessment shows the vulnerabilities that employees or anyone with access to the internal network and exploit them. Ø External assessments shows the vulnerabilities from someone without direct access to the internal network. Window of Vulnerability Ø Unknown Window of Vulnerability Ø Known Window of Vulnerability Risk Ø Vulnerability Ø Attacks Ø Threats Ø Exposure Risk = Vulnerability x Attacks x Threats x Exposure Risk of Internal Assessment Ø Can’t be truly objective Ø Fair and impartial assessment Management is force to deal with the “fox in the Hen House” problem Steps 1-3 to an Successful Assessment • Understand the consequences • Document Management buy-in • Develop manageable objectives Step 4-6 to an Successful Assessment • Determine method • Plan for disruptions • Develop an assessment in a impactful, yet understandable, way. Qualified and Experienced outside Third Party. Ø Protect yourself with an contract Ø Breadth of experience Ø Currency with the latest technical and legal development Ø Cost effective ...

Words: 255 - Pages: 2

Premium Essay

Disney Diversification Case Study

...DIVERSIFICATION: Savoir-Relier TM INTRODUCTION 1/2 The Walt Disney Company has been created in 1923 and has grown by doing well in almost all of its activities and mostly due to diversification. It is today a group worth $ 25B with an average 10-year ROE of 15%, largely superior to other players in the industry (but still inferior to the 20% objective settled by Eisner when named CEO of the company). Used to taking risks, Disney is present in more sectors than any other of its direct competitors, excelling them (first top 6 positions for theme parks even though entry is more expensive than other parks; first 24 positions for top grossing animated films; top market share in domestic box office since1994; Most watched TV Show in 19992000 with Who wants to be a millionaire). But is this a sustainable scenario? INTRODUCTION 2/2 Disney Stock Performance vs SP500 350% 300% o Total assets grown steadily from 2.4 billion in 1983 to 45 billion in 2000, which also confirms the constant growing / diversification across years. A huge investment step occurred in 1996: from 15 to 37 billion - acquisition ABC ($19B) 250% 200% 150% 100% 50% 0% -50% o From 1996 – company didn’t attain the expected 20%/year ROE (decreased from 11% to 4% from 1983 to 1997) o Stabilization of operating margin, ROA and ROE while developing activities (increased revenue & net income, increase of assets) o In 1998 and 1999, the situation worsens  internet failure (portal and subscription service)...

Words: 1509 - Pages: 7

Premium Essay

Isk Management

...Project Part One Risk Management Draft Jarvis Thomas ITT Technical Institute IS 3110 Risk Management in Information Technology Security 16 October 2014 Table of Contents Document Purpose 3 Definition 3 Risk Management Approach 3 Risk Tolerance 4 Risk Management Tasks 4 Document Purpose The Risk Management Plan describes how risk management will be structured and performed on the project to ensure risk are being managed and controlled at acceptable levels. Risk in a project environment cannot be totally eliminated. The objective of a risk management process is to minimize the impact of unplanned incidents on the project by identifying and addressing potential risks before significant negative consequences occur. The Risk Management Plan also becomes a subset of the Project Management Plan. Definition Definition of Risk Management:  the formal process by which risks factors are systematically identified, assessed, and responded to.  Risk management concentrates on identifying and controlling areas or events that have a potential of causing unwanted change.  (Note that opportunities, also known as positive risk, should also be managed/exploited. This document is focused on mitigating negative risk, rather than maximizing positive risk.)   Definitions, Acronyms, and Abbreviations |Risk |A potential...

Words: 1025 - Pages: 5

Premium Essay

Sandringham Inns

...MBUS 804 Strategy II: Strategic Transformation Team Vancouver Order of files: Filename | Pages | Comments and/or Instructions | MBUS 804 – Team Assignment | 18+ Cover Page | | Additional Comments: STRATEGIC BUSINESS PLAN for SANDRINGHAM INNS for the Period January 2010 to December 20xx ____________________________________________________________ _________________________ TABLE OF CONTENTS Executive Summary Section Page 1. Statement of Vision, Mission and Objectives 1 2. Identification of Major Clients and Markets 1 3. Positioning Statement 3 4. Key Performance Indicator Scorecard 4 5. Review of Major Environmental Factors/Trends 5 6. Key Success Factors for Industry 6 7. Major Strategic Issues (External and Internal) 6 8. Stakeholder Preferences 8 9. Summary of Anticipated Human Resource Requirements 9 10. Summary of Financial Impacts and Outcomes 10 11. Action Plans to Achieve Objectives 11 12. Summary of Major Risks 12 Appendices: 1. Strategic & Operational Health Assessment 2. Financial Calculations 3. Executive Team Changes and New Functions EXECUTIVE SUMMARY To come (1) STATEMENT OF VISION, MISSION & OBJECTIVES Mission Statement: To earn the loyalty of our guests by establishing internationally tailored inns run by a team of dedicated and talented people in an intimate, luxurious setting. Vision Statement: To establish...

Words: 3943 - Pages: 16

Premium Essay

Sociology

...18.03.13 P5 : Describe how anti-discriminatory pratice is prompted in the health and social care settings Introduction This report is going to describe 5 different pratices that promotes anti- discriminatory pratices in health and social care settings . These pratices includes : 1. Ethical principles 2. putting individuals at the heart of service provision 3. supporting individuals to express their needs and preferences 4. mental health support – coping strategies 5. empowering individuals (1 ) ethical principles In the health and social care setting sector their are four keys ethical principles that needs to be taken into account these principles includes : 1. Justice 1. Autonomy 2. Benefericences 3. Non- maleficences Justice: In the health and social care settings there are different kind of people using the services.people from different cultures , religion , age , background , sex and belivies etc. Despite different views and belives eveyone must be treated with dignity and respected , everyone need to be treated fairly on matter their age or background. Autonomy: Autonomy can be described as the freedom to choose and to live with dignity, privacy and independence. According to the health and Social Care Act 2008 Regulations states that it is the rights of people using health care services to make their own choices and decision to have these respected by service providers. Autonomy covers all choices, including...

Words: 2709 - Pages: 11

Premium Essay

Child Hood Obesity

...in the United States over the last several decades, (Blackburn, 2005). It is a very serious issue which can lead to both health and social consequences attributing to the major deficits as an adult. Obesity is an excess of body fat. Body Mass Index is a popular method of defining a healthy weight versus being underweight, overweight or obese. Body Mass Index should be used as a guide, along with waist size, to help estimate the amount of body fat a person has. A Body Mass Index of 25 to 29.9 is considered overweight and a Body Mass Index of 30 or above is considered obese. Obesity can shorten your life and put you at risk of developing a number of serious health conditions. These are, but not limited to high blood pressure, diabetes, heart disease and some forms of cancer. It has also been noted that health risks are higher for youth who are obese, and the risks happens to increase as the degree of obesity increases. Youth who carry extra weight around their waist, rather than in their legs and thighs, are more likely to experience health problems caused by obesity. However, parents, the community, and schools can make a huge difference when it comes to preventing and solving the problems of overweight and obesity in adolescent. Physical education has been part of the educational curriculum for nearly 200 years. The physical education curriculum is designed to allow students to experience at least a minimum exposure to the following categories of activities: aquatics, conditioning...

Words: 5689 - Pages: 23

Premium Essay

Foreign-Market Entry Strategies in the European Union

...48 Foreign-Market Entry Strategies in the European Union Kyle Stiegert, Archie Amir Ardalan, and Thomas Marsh This study utilized intra-firm, socio-cultural, geographical-proximity, and political-stability variables to explain bimodal foreign direct investment (FDI) patterns by agri-food and beverage multinational companies into and within the European Union. A logit framework incorporated a unique-count database of firm-level investment patterns from 1987–1998. The results showed the 1992 structural changes under the Maastricht Treaty increased the probability of wholly owned FDI modes such as greenfields and buyouts. The model also found that past modal strategies of firms, language barriers, and exchange-rate volatility all correctly explained modal investment patterns. The results provide important contributions toward understanding modal investment strategies including the role of macroeconomic changes within a custom union. A popular way for a firm to secure a business presence in a foreign nation is through foreign direct investment (FDI) in production, marketing, and/or distribution facilities. Formally defined, FDI is an investment in which a multinational enterprise (MNE) acquires a substantial controlling interest in a foreign firm or in some other manner establishes fixed assets on foreign soil. Prior to 1970, multinational operations were often characterized as an exclusively American institution (Erdilek 1985). However, during the 1970s the U.S. shifted from...

Words: 7034 - Pages: 29

Premium Essay

Psychological Assessment

...PYC4807 Assignment 03 Unique Assignment number: 739624 Name: Tanja Bohler Student Number: 30440351 Address: PO Box 17139 Dubai United Arab Emirates A Discussion on Psychological Assessment in Early Childhood. ASSIGNMENT 03 – PYC4807 – STUDENT NUMBER 30440351 Table of Contents Page 1. Introduction……………………………………………………………………………………………….. 2. Reasons for Assessing Young Children……………………………………………………….. 3. Tests for Infants and Preschoolers……………………………………………………………… 3 4 5 4. Factors of Childhood Assessment……………………………………………………………….. 6 4.1 Characteristics of the Child……………………………………………………….. 4.2 Social Context of Assessment……………………………………………………. 6 8 4.3 The Examination Context of Assessment…………..………………………. 12 4.4 The Test as a Method of Assessment….……………………………………… 14 5. Principles of Assessment……………………………………………………………………………… 15 6. Predictive Validity of Early Childhood Assessment………………………………………. 19 7. Ethical Considerations of Assessing Young Children……………………………………. 20 8. Conclusion…………………………………………………………………………………………………… 21 9. Maya’s Assessment……………………………………………………………………………………… 23 10. References………………………………………………………………………………………………….. 28 2|Page ASSIGNMENT 03 – PYC4807 – STUDENT NUMBER 30440351 1. Introduction Children develop at different rates and in different ways. Parents and caregivers who are concerned about a child's development would seek developmental assessment and intervention from a health professional in order to support that child to reach his/her maximum potential...

Words: 5480 - Pages: 22

Free Essay

Unshakeable Faith: the Flawed Command of Bomber Harris

...Joint Command and Staff Programme 38 Distance Learning Rank & Name: Major Lynne Chaloux Syndicate No: 1 Directing Staff: BGen (ret’d) Gagnon Course: JCSP 38 DL Assignment Code: D1/DS 542/ENV/RP-01 Assignment Name: Command Research Paper Unshakeable Faith: The Flawed Command of Bomber Harris ASSESSMENT Assessor: Richard Martin Mark: Comments:       UNSHAKEABLE FAITH: THE FLAWED COMMAND OF BOMBER HARRIS INTRODUCTION This research paper will focus on Air Chief Marshal Sir Arthur Harris’ wartime command of the Royal Air Force’s (RAF) Bomber Command from 1942-1945. This analysis will utilize Dr. Ross Pigeau and Carol McCann’s model to evaluate the dimensions relating to Harris’ Competency, Authority and Responsibility (CAR) and to assess the overall balance and effectiveness of Harris’ command. The CAR model was deemed most suitable to dissect pertinent aspects of this complex and controversial commander, allowing for the necessary depth of analysis into his abilities, responsibilities, beliefs, actions and reactions over a specific timeframe. This paper will illustrate that Harris, although highly skilled in many areas and having demonstrated impressive successes at the helm of Bomber Command, had a singular and seemingly intractable approach to war – to obliterate Germany’s war production capacity by area bombing its cities. This inflexible approach inhibited his...

Words: 6567 - Pages: 27