Assessment of the Security of My Company's Computer System

2251 WordsFeb 3, 20189 Pages
1. Purpose: The purpose of this risk evaluation is to assess the security of my company’s computer system. This assessment will be a representation of its operational environment. It will be addressing any risks, threats, or vulnerabilities being posed to the system. This risk assessment will measure the confidentiality, integrity, and availability of the system. 2. Scope: 3. RISK ASSESSMENT APPROACH This assessment checks for system vulnerabilities influencing, confidentiality, integrity, and the availability of the system. The methods used involved management, operational, and technical controls. The IT security system management team was heavily involved, as well as the operational team that implemented the security mechanisms that took place. The assessment was approached using the guidelines in: • NIST Special Publication 800-26 & • Elementary Information Security, Richard E. Smith. 4. System Description: Computer was bought in 2011 and it is continuously updated and is presently maintained by Zuhair Khan. Table 1. Computer Name US_Server Operating System Windows 7 with Service Pack 1 – 64 bit Manufacturer Asus Processor Intel i7-3610QM @2.30 GHZ Ram Installed 8 GB The following is contact information for US_Server: Table 2. Name Zuhair Khan Title Owner Address TAMU – Commerce Phone 972-000-000 E-mail zuhair@testcompany.com 4.1. System Function The US_Server system maintains information on the US Country Shoes agreements, proposals for
Open Document