Principles Of Information Security, Loose-leaf Version
6th Edition
ISBN: 9781337685757
Author: Michael E. Whitman, Herbert J. Mattord
Publisher: Cengage Learning
expand_more
expand_more
format_list_bulleted
Expert Solution & Answer
Chapter 5, Problem 1RQ
Explanation of Solution
Risk management:
- The process of identifying risk, evaluating its comparative magnitude, and taking some steps to reduce it to the acceptable level is referred as risk management.
- The probability of defining something that will go wrong as a source of any event or due to any series of sequences is referred as risk.
- A risk management plan contains assessment, analysis, and handling the risk.
- It takes the step to ensure the confidentiality, integrity and availability of all the components in the organization’s
information system . - It has three major undertakings:
- Risk identification
- Risk assessment
- Risk control
Identifying the risk:
- Identification of risk is important, because an individual should know what risks are available in the system and should be aware of the ways to control them.
- Information should be analyzed and the system which stores, uses and transmit information should be checked repeatedly.
- These steps should be taken to protect it from risk and to make sure up to which vulnerabilities they are susceptible.
- Once the process has been identified, analyze what are the measures that have been already taken to protect the system.
- Moving the asset from place does not really mean that the asset is kept safer.
- Organizations will start implementing the control
mechanisms , but they unfortunately neglect the periodic review, maintenance, revision which are necessary to run the system without risk. - Thus, the training programs, education and technologies which help in protecting the information should be maintained carefully and regularly.
Want to see more full solutions like this?
Subscribe now to access step-by-step solutions to millions of textbook problems written by subject matter experts!
Students have asked these similar questions
What does risk management entail? When it comes to risk management, why is it so important to identify risks and vulnerabilities associated with assets?
What does risk management entail? Why is it critical to identify risks and vulnerabilities to assets in risk management?
What exactly do you mean by risk management? What are the benefits of identifying assets' risks and vulnerabilities in risk management?
Chapter 5 Solutions
Principles Of Information Security, Loose-leaf Version
Ch. 5 - Prob. 1RQCh. 5 - Prob. 2RQCh. 5 - Prob. 3RQCh. 5 - Prob. 4RQCh. 5 - Prob. 5RQCh. 5 - Prob. 6RQCh. 5 - Prob. 7RQCh. 5 - Prob. 8RQCh. 5 - Prob. 9RQCh. 5 - Prob. 10RQ
Ch. 5 - Prob. 11RQCh. 5 - Prob. 12RQCh. 5 - Prob. 13RQCh. 5 - Prob. 14RQCh. 5 - Prob. 15RQCh. 5 - Prob. 16RQCh. 5 - Prob. 17RQCh. 5 - Prob. 18RQCh. 5 - Prob. 19RQCh. 5 - Prob. 20RQCh. 5 - Prob. 1ECh. 5 - Prob. 2ECh. 5 - Prob. 3ECh. 5 - Prob. 4ECh. 5 - Prob. 5ECh. 5 - Prob. 1CEDQCh. 5 - Prob. 2CEDQCh. 5 - Prob. 3CEDQCh. 5 - Prob. 1EDM
Knowledge Booster
Similar questions
- To put it another way, what does risk management mean? What are the reasons for the significance of identifying assets' risks and vulnerabilities in risk management?arrow_forwardExactly what do you mean when you talk about risk management? In the context of risk management, what are the advantages of recognizing the risks and vulnerabilities associated with assets?arrow_forwardWhy is the identification of risks, by listing assets and their vulnerabilities, so important to the risk management process? REFERENCES Main Textbook Whitman, M. E., & Mattord, H. J. (2012). Principles of information security. Nelson Education. Whitman, M. E., & Mattord, H. J. (2013). Management of information security. Nelson Education.arrow_forward
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage LearningInformation Technology Project ManagementComputer ScienceISBN:9781337101356Author:Kathy SchwalbePublisher:Cengage Learning
- Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Information Technology Project Management
Computer Science
ISBN:9781337101356
Author:Kathy Schwalbe
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning