Lms Integrated For Mindtap Information Security, 1 Term (6 Months) Printed Access Card For Whitman/mattord's Management Of Information Security, 5th
5th Edition
ISBN: 9781305949454
Author: Michael E. Whitman, Herbert J. Mattord
Publisher: Cengage Learning
Question
Chapter 7, Problem 9RQ
Program Plan Intro
Risk control strategy:
- Risk control strategies are the defensive measures that the InfoSec and IT communities use to manage risks and limit vulnerabilities to an acceptable level.
- A risk assessment is an important tool; it should be incorporated into the process of identifying and determining the vulnerabilities and threats that could potentially impact resources and assets, to help manage risk.
- Risk management is a component of a risk control strategy because it involves determining how much risk is acceptable for any process or operation, such as replacing equipment.
Students have asked these similar questions
Explain the importance of reviewing historical documentation, including past risk assessments, business impact analyses, security policies and procedures, and incident reports, as a foundation for risk mitigation planning. How can analyzing past vulnerabilities and threats inform the identification of similar risks in the present?
Discuss the trade-off between focusing on specific risks and vulnerabilities for individual systems and functions (narrow focus) versus taking a broader organizational perspective (broad focus) when planning risk mitigation strategies. Highlight the benefits and limitations of each approach.
The final step in the security risk assessment process is to
a. create a chart that identifies loss events, their frequency, and their monetary costs
b. analyze the costs and benefits of various countermeasures
c. assess the feasibility of implementing each of the identified mitigation measures
d. decide whether or not to implement particular countermeasures
What is the difference between risk and threat?
Similar questions
- Risk reduction strategy(ies) is (are): Select one: a. Damage limitation b. Risk avoidance, Risk detection and removal, and Damage limitation c. Risk detection and removal d. Risk avoidance
- Determining whether or not the dangers are under control. What aspect of risk management is responsible for dealing with these dangers and risks? Is it possible to put a number on it?
- Is deterrence a risk management strategy?
- A recommended approach is that the people assigned to implement a risk management program should begin by studying the models presented earlier in this chapter and identifying what each offers to the envisioned process. Once the organization understands what each risk management model offers, it can adapt one that is a good fit for the specific needs at hand. Which risk control strategy would you consider the most effective and why? When should the strategy be used and why should it not be used for all risks?
- ............... identifie(s) risks from the systems environment. Aim is to develop an initial set of system security and dependability requirements. Select one: a. Preliminary risk analysis b. Preliminary risk analysis, life cycle risk analysis and operational risk analysis c. Life cycle risk analysis d. Operational risk analysis
- How exactly does an organization's information security plan function as the project's overall strategy?
- Which of the following are stages of risk-based analysis? Select one: a. Risk identification, analysis and classification, decomposition and reduction assessment are not the complete stages b. Risk identification, analysis and classification, decomposition and reduction assessment c. Risk decomposition and reduction assessment d. Risk identification, analysis and classification
- How exactly does one go about transforming an organization's information security plan into a workable project strategy?
- Have you experienced scope creep in your development of a Risk Management Plan (or other policy)? If so, how did you handle it? If not, what actions would you have taken to control scope creep? (Remember, if you have not personally experienced this situation, please research a company or individual who has dealt with scope creep and provide a brief overview of their situation. Be sure to copy/paste the link from which you retrieved the information.)
Recommended textbooks for you
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning