Is3110 Project: Risk Management Plan

1805 Words Nov 14th, 2013 8 Pages
Defense Logistics Information Service
(DLIS)

Outline I. Introduction a. Scope b. Assign to departments c. Risk Matrix d. Risk mitigation plan e. Impact Analysis II. (BIA) f. Departments g. Business Impact h. Costs Analysis III. Recommendations (BIA) i. Business Impact Analysis Results j. Maximum Acceptable Outage IV. (DLIS) Business Continuity Plan a. Purpose b. Scope c. Plan Objectives d. Disaster definition e. Recovery teams f. Team member responsibilities g. Instructions for using the plan/Invoking the plan h. Data backup policy i. Offsite storage procedures j. In the
…show more content…
Key roles that will play a big part in the completion of this project will pertain to network security and reliability and client confidentiality.

Department Managers | * Departments will do a RA specific to their department. * Duties will be carried out by Supervisors. | Employees | * Employees will carry out task dependent on there department. | Assign to departments:

Risk matrix Level | Likelihood Definition | High | The threat source is highly motivated and sufficiently capable, and controls to prevent the vulnerability from being exercised are ineffective. | Moderate | The threat source is motivated and capable, but controls are in place that may impede successful exercise of the vulnerability. | Low | The threat source lacks motivation or capability, or controls are in place to prevent, or at least significantly impede, the vulnerability from being exercised. | *

Risk mitigation plan * Risk mitigation: The next major step in measuring level of risk was to determine the adverse impact resulting from successful exploitation of vulnerability. The adverse impact of a security event can be described in terms of loss or degradation of any, or a combination of any, of the following three security goals: * Loss of Confidentiality – Impact of unauthorized disclosure of sensitive information (e.g., Privacy Act). * Loss of Integrity – Impact if system or data integrity is lost by unauthorized

More about Is3110 Project: Risk Management Plan

Open Document