Risky Situation
University of Phoenix Material
Risky Situations
Identify three types of sensitive information involved with each situation. Then, describe three ways in which each information item could be misused or harmed. For each of these, note at least one likely finding that you would include in a risk analysis report of the organization. Finally, answer the questions at the end.
Situation 1 – Online Banking System
Information Affected
Potential Harm (Risk)
Likely Finding in Risk Analysis Report
Bank Account Numbers
Can be used to steal the user’s funds.
Low/medium risk, high probability
Can be used by terrorist organizations for money laundering.
Very high risk, medium possibility
Loss of brand reputation to the bank as being less secure. medium risk, medium possibility
Account Numbers of Bills stored in Bill Pay
Used to access bill information and change information as personal attack on individual.
Low/medium risk, medium probability
Used to access additional information about user through user’s profile through that particular bill.
Medium risk, medium/high probability
Close account without user’s approval or them being aware as a personal attack against them.
Medium/high risk, high probability.
Stock/investment information
Investments can be transferred to someone else’s name without users knowing or approval.
High risk/low probability
Additional investments can be made in user’s name that are likely to fail, or to illegally support the investment company.
High risk/low probability
Investments can be donated to charity without user’s consent or knowledge, leaving user with $0 left.
High risk/low probability
Situation 2 – Facebook Page
(organization or personal – specify which)
Information Affected
Potential Harm (Risk)
Likely Finding in Risk Analysis Report
Access to friends list.
Can allow undesired persons to gain knowledge about someone that does not want their information seen by anyone but people they
Risky Situations
Identify three types of sensitive information involved with each situation. Then, describe three ways in which each information item could be misused or harmed. For each of these, note at least one likely finding that you would include in a risk analysis report of the organization. Finally, answer the questions at the end.
Situation 1 – Online Banking System
Information Affected
Potential Harm (Risk)
Likely Finding in Risk Analysis Report
Bank Account Numbers
Can be used to steal the user’s funds.
Low/medium risk, high probability
Can be used by terrorist organizations for money laundering.
Very high risk, medium possibility
Loss of brand reputation to the bank as being less secure. medium risk, medium possibility
Account Numbers of Bills stored in Bill Pay
Used to access bill information and change information as personal attack on individual.
Low/medium risk, medium probability
Used to access additional information about user through user’s profile through that particular bill.
Medium risk, medium/high probability
Close account without user’s approval or them being aware as a personal attack against them.
Medium/high risk, high probability.
Stock/investment information
Investments can be transferred to someone else’s name without users knowing or approval.
High risk/low probability
Additional investments can be made in user’s name that are likely to fail, or to illegally support the investment company.
High risk/low probability
Investments can be donated to charity without user’s consent or knowledge, leaving user with $0 left.
High risk/low probability
Situation 2 – Facebook Page
(organization or personal – specify which)
Information Affected
Potential Harm (Risk)
Likely Finding in Risk Analysis Report
Access to friends list.
Can allow undesired persons to gain knowledge about someone that does not want their information seen by anyone but people they