assessing risk is355 it risk management

/in /by

Assessing Risks

Risk management begins with first identifying risks, threats, and vulnerabilities to then assess them. Assessing risks means to evaluate risk in terms of two factors. First, evaluate each risk’s likelihood of occurring. Second, evaluate the impact or consequences should the risk occur. Both likelihood and impact are important for understanding how each risk measures up to other risks. How the risks compare with one other is important when deciding which risk or risks take priority. In short, assessing is a critical step toward the goal of mitigation.

Assessing risks can be done in one of two ways: quantitatively or qualitatively. Quantitatively means to assign numerical values or some objective, empirical value. For example, “Less than $1,000 to repair” or “Biweekly.” Qualitatively means to assign wording or some quasi-subjective value. For example, a risk could be labeled critical, major, or minor.

In this lab, you will define the purpose of an IT risk assessment, you will align identified risks, threats, and vulnerabilities to an IT risk assessment that encompasses the seven domains of a typical IT infrastructure, you will classify the risks, threats, and vulnerabilities, and you will prioritize them. Finally, you will write an executive summary that addresses the risk assessment findings, risk assessment impact, and recommendations to remediate areas of noncompliance.

Learning Objectives

Upon completing this lab, you will be able to:

Define the purpose and objectives of an IT risk assessment. Align identified risks, threats, and vulnerabilities to an IT risk assessment that encompasses

the seven domains of a typical IT infrastructure. Classify identified risks, threats, and vulnerabilities according to a qualitative risk assessment

template. Prioritize classified risks, threats, and vulnerabilities according to the defined qualitative risk

assessment scale. Craft an executive summary that addresses the risk assessment findings, risk assessment

impact, and recommendations to remediate areas of noncompliance.

Complete Lab #4, found on pages 29-35 of your Lab Manual.

Deliverables

Upon completion of this lab, you are required to provide the following deliverables to your instructor:

1. Lab Report file;

2. Lab Assessments file.

 
Looking for a similar assignment? Our writers will offer you original work free from plagiarism. We follow the assignment instructions to the letter and always deliver on time. Be assured of a quality paper that will raise your grade. Order now and Get a 15% Discount! Use Coupon Code "Newclient"