IS3110 Lab 2 Align Risk, Threats, & Vulnerabilities to COBIT P09 Risk Management Controls

Topics: Risk, Risk management, Security Pages: 3 (868 words) Published: April 23, 2014
1.
a. Unauthorized access from public internet - HIGH
b. User destroys data in application and deletes all files - LOW
c. Workstation OS has a known software vulnerability – HIGH
d. Communication circuit outages - MEDIUM
e. User inserts CDs and USB hard drives with personal photos, music and videos on organization-owned computers - MEDIUM

2.
a. PO9.3 Event Identification – Identify threats with potential negative impact on the enterprise, including business, regulatory, legal, technology, trading partner, human resources and operational aspects.
b. PO9.4 Risk Assessment – Assess the likelihood and impact of risks, using qualitative and quantitative methods.
c. PO9.5 Risk Response – Develop a response designed to mitigate exposure to each risk – Identify risk strategies such as avoidance, reduction, acceptance – determine associated responsibilities; and consider risk tolerance levels.

3.
a. Unauthorized access from public internet - AVAILABILITY
b. User destroys data in application and deletes all files - INTEGRITY
c. Workstation OS has a known software vulnerability – CONFIDENTIALITY
d. Communication circuit outages - AVAILABILITY
e. User inserts CDs and USB hard drives with personal photos, music and videos on organization-owned computers - INTEGRITY

4.
a. Unauthorized access from public internet – Operating system, software patches, updates, change passwords often, and hardware or software firewall.
b. User destroys data in application and deletes all files – Restrict access for users to only those systems, applications, and data needed to perform their jobs. Minimize write/delete permissions to the data owner only.
c. Workstation OS has a known software vulnerability – Define a workstation application software vulnerability window policy. Update application software and security patches according to defined policies, standards, procedures, and guidelines.
d. Communication circuit outages - the role of countermeasures against...