grp3_RiskAssessment_v2

grp3_RiskAssessment_v2 - Fail to update software Fail to...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Information Security Risk Assessment A risk is the likelihood that a threat will exploit vulnerability, bypassing safeguards, to cause a loss to an asset. Assets Assets are everything that needs protection, such as hardware, software, or corporate reputation. Workstations Server Network Microsoft Access 2003 license Four Microsoft Windows XP licenses Microsoft Windows 2003 Server License Resident information on database Proposed database Threats Threats include natural disasters like fire and flood and manmade disasters such as data destruction and user error. Natural disasters o Fire o Flood o Tornado o Earthquake Man Made Disasters o Data destruction o User error o Theft o Viruses o Hackers
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Vulnerabilities Vulnerabilities are those things that provide a window of opportunity through which threats can impact assets. Unauthorized access
Background image of page 2
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Fail to update software Fail to update virus definitions Entry error Hardware failure Poor password security Losses Losses include direct losses, such as stolen equipment, indirect losses, such as the cost of reloading system software, and intangible losses, such as the damage to a companys reputation. Direct losses o Stolen hardware o Damaged equipment o Corrupted data Indirect losses o Cost of reloading software o Cost of new equipment o Cost of employee wages fixing errors Safeguards Safeguards are all processes that are in place to prevent loss or limit the scope of damages. Existing firewalls Existing anti-virus software Regular data backup Limit access to hardware Passwords Storing data backups offsite...
View Full Document

This note was uploaded on 03/11/2010 for the course MIS 4110 taught by Professor N/a during the Spring '10 term at Uni. Münster.

Page1 / 2

grp3_RiskAssessment_v2 - Fail to update software Fail to...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online