LAB 3 Assessment Worksheet Defining the Scope and Structure for an IT Risk Management Plan Course Name and Number: Security Risk Management CSS250-1802B-02Student Name: Michael CelentoInstructor Name: Professor Stephen OsborneLab Due Date: 5/30/2018Overview In this lab, you defined the purpose of an IT risk management plan, you defined the scope for an IT risk management plan that encompasses the seven domains of a typical IT infrastructure, you related the risks, threats, and vulnerabilities to the plan, and you created an IT risk management plan outline that incorporates the five major parts of an IT risk management process. Lab Assessment Questions & Answers1. What is the goal or objective of an IT risk management plan? 2. What are the five fundamental components of an IT risk management plan? 3. Define what risk planning is. 4. In which step the risk management process do you find, recognize, and describe risks?5. What is the exercise called when you are trying to gauge how significant a risk is?

6. What practice helps address a risk? 7. What ongoing practice helps track risk in real time? 8. True or False: Once an organization completes all risk management steps, from planning through monitoring, the task is done.9. Given that an IT risk management plan can be large in scope, why is it a good idea to develop a risk management plan team? 10. In the seven domains of a typical IT infrastructure, the User domain is typically the most difficult toplan, identify, assess, treat, and monitor. Why?

Want to read all 6 pages?