Risk Assessment Consists Of Detecting And Calculating Security Risks

Risk assessment consists of detecting and calculating security risks, addressing these concerns before they develop, and reporting such risks to management (Wisegate, Inc., 2015). A risk assessment plan assists in determining not “if” but how vulnerable our system is. Knowledge of weak protocols, untrained employees, and insecure connections is essential to the health of our organization. The first step in a risk assessment plan is to understand our operating environment. The next step is to obtain up-to-date information on possible vulnerabilities within our network. By ascertaining where any vulnerabilities lie, we can apply mitigation protocols to correct or resolve such issues. Once all protocols have been initiated, the IT…
However, this link has an embedded virus that was just unleashed onto the company’s network. Another example is an accounts payable employee who receives an email from management stating that in order for a particular project within the company to continue, a money transfer for ‘X’ amount of money must be completed today. Unknowingly, this employee fulfills the request. Not only is the company out of the specified amount of funds, but its network and banking information are laid wide open to the hacker. In both examples, if employees are trained to spot false correspondence and notify the IT department of the issues, the IT team can research and block the addresses against future attempted attacks. All of this will save not only our organization an indefinite amount of time and money, but will possibly save our clients the same.

Below is an RA (Risk Assessment) table of risk and outline:

| Probability | Impact 1: Negligible | Impact 2: Minor | Impact 3: Moderate | Impact 4: Significant | Impact 5: Severe |
|---|---|---|---|---|---|
| 81-100 % | Low Risk | Moderate Risk | High Risk | Extreme Risk | Extreme Risk |
| 61-80 % | Minimum Risk | Low Risk | Moderate Risk | High Risk | Extreme Risk |
| 41-60 % | Minimum Risk | Low Risk | Moderate Risk | High Risk | High Risk |
| 21-40 % | Minimum Risk | Low Risk | Low Risk | Moderate Risk | High Risk |
| 1-20 % | Minimum Risk | Minimum Risk | Low Risk | Moderate Risk | High Risk |

Minimum risk is generally an acceptable risk zone. As the risk percentage increases, so does the amount of danger to our network (Chittoor, 2013).