Information System Risks

1562 WordsNov 10, 20107 Pages
Information System Risk Management Claudia I. Campos CJA 570 Cyber Crime and Information Systems Security July 5, 2010 Steven Bolt Abstract The realization of potential risks to an organizations information system has been increased in the past few years. The principles of risk management, vulnerabilities, internal threats, and external threats is the first step in determining which levels of security are necessary to protect and limit the risks to an organizations information system. This essay will describe the principles of risk management as they pertain to the information system and its associated technology of Professional Security Training School. Moreover, this essay will include an exploration of the vulnerabilities of…show more content…
PSTS would be in the initiation phase because they must consider the design of the system structure and related security risks, determine various security methods, and perform a data sensitivity assessment. Although their information system is well established, the lack of analysis and assessments conducted make their information system extremely vulnerable. Nature of Potential Internal and External Threats Information systems have become extremely complex, therefore the need to establish complete methods and procedures. Hacking is one of the largest and dangerous external threats. Because PSTS has significant client information on a database, the probability of unauthorized people gaining access to the information is a huge possibility. External threats can come from domestic or foreign competitors of security guard training facilities who would be interested in soliciting clients to their establishment. This would enable other training facilities the ability to benefit their organization to increase their clientele, therefore growing financially. In another situation, individuals can steal the two laptops or universal serial bus (USB) to gain access to the database or to sell them for a profit. The Internet is an additional vulnerability that must be considered concerning security. Intruders can remain anonymous while causing havoc to the information system.
Open Document