T_McKinstry_Risk Mitigation Plan part 3

.docx

School

Charter Oak State College *

*We aren’t endorsed by this school

Course

CSS 230

Subject

Information Systems

Date

Feb 20, 2024

Type

docx

Pages

6

Uploaded by ChefDanger11876

Report
Risk Mitigation Plan Thomas McKinstry Charter Oak State College CSS 230: Fundamentals of Information Security Systems Professor Travon Reid October 1, 2023
Risk Mitigation The table below is a risk register table that shows the current threats or risks that can fall on the organization. Description of Risk Likelihood Impact Severity Owner Mitigating Action Power Failures Certain >90% chance High (IT Department mainframe goes down) High Facilities Reroute power Data Loss Likely 50%- 90% Medium (Sensitive data is inaccessible) Medium IT Manager Cloud Storage or backup drives Cybercrime Moderate 10% - 50% High (Sensitive information is stolen) High Cybersecurit y Risk & Compliance Manager Temporarily shut down facility sites
Power Failures The risk associated with power failures is very prevalent within the organization’s IT department, as the given description involving the facility, first noted this risk. The power failures that have occurred in the IT department lasts for a varying amount of hours and slows operations down considerably, as well as leaving the facility’s sensitive information, vulnerable to attack. This risk is not at the IT department’s fault, but rather the city’s electrical grid has a faulty power line that is prone to cutting out. The IT department mainframe is something of great importance for both security reasons, as well as overall facility operations, and must be addressed. Mitigating Action When it comes down to the risk of power failure. The mitigating action is to reroute power to an emergency generator, in the event of a power outage. The amount of time it will take for the main power to come back online can be compensated with the use of the emergency generator. Another way to mitigate this is to keep physical documents of any important information in the event of a power failure to use as a substitute in order to keep operations running. The person responsible for this mitigating action would fall with the Facilities department manager. Data Loss The risk that comes with power failures, also bring another risk of data loss. The data kept on the Information Technology Department Mainframe can be lost with an abrupt power failure as all running operations on the computers and networks suddenly cease and remain offline for hours. Data loss can include a number of items within the
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help