It Risk Analysis Case Study

Only available on StudyMode
  • Download(s) : 101
  • Published : December 10, 2010
Open Document
Text Preview
1.0 Introduction –

Information Technology is vital to every business today, since most businesses today are linked together with high speed broadband networks, high definition screens; superfast computers only make them a treat for a user. So, if the IT fails the businesses suffer huge losses in a matter of minutes for e.g. the London stock exchange has an IT failure it could possibly mean a loss of thousands of pounds every fraction of a second. Every Risk no matter how big or small is a potential threat for e.g. a small cut on the hand could turn gangrenous over the period of time, what are we prescribed to do then, we would lose our limb, IT too is similar. A proper analysis and management is necessary to keep the IT in a good shape. Businesses understand IT as a risky proposition since they believe an IT system might last a while but would invariably die because of the stiff competition. Every time a new technology erupts on the market the one previous to it dies either a sudden or a slow death. For the past 4 decades IT has been a boon to the service industry making itself a slave science by supporting other sciences to grow, but very little effort has been made to log the number of times IT system failed and a even poorer job is done in logging the reasons that led to the failure. Most often the same mistakes are repeated but no serious lesson are learnt. We believe it’s high time we start logging our failures because a shocking 60% of all IT projects fail even today. Normally, IT Risks are detected pretty late which leads to a failure it happens because a proper analysis and assessment is lacking. A good management would always like to know where and how its investment will be used in and hence Risk Management is used to analyse and manage their risks in a more strategized format.

2.0 Risks to the Organisation and its IS/IT

Below is a list of risks that have been identified by us, each list is separated by category, in which each category will list different types of risks.

Identification of risks; physical


Identification of risks; poor management

poor communication
unsuitable management
denial of access

Identification of risks; quality of software

use of third party software

Identification of risks; software. (active)

logic bomb
trojan horse
mobile code
terrorist attack

Identification of risks; Human interaction.

loss of key staff
terrorist attack
malicious action.

Each list will fit into one of the following categories;

denied access

Fire, smoke/fumes, explosion/impact, temperature/humidity, flood, virus, worm, logic bomb, trojan horse, terrorist attack.

accessibility, virus, worm, logic bomb, trojan horse, auto-rooter.

accessibility, terrorist attack, malicious action, usurpation.

Denied access
loss of key staff, denial of access, malicious action, spammer

Explanation of identified risks

The entrance to the building has a set of gas canisters, which are extremely hazardous. If these canisters were to erupt, then a fire would be the result of that. A fire could spread and cause an immense amount of damage to both equipment and to the building itself. IT systems are very unlikely to survive such a scenario.

Within the building there is an allocated spot for the machine and vehicle areas, both of which have 2 PC's within them. A PC does not do well in an environment that will generate both heat and a fume, which is what will happen when you locate a computer near, or in the same room as a vehicle. The imprecation is long term damage to the components within the PC. You may find that the computer will slow down, and then eventually stop...
tracking img