Project Part 1

Topics: Management, Logistics, Risk assessment Pages: 7 (803 words) Published: April 26, 2015
Running head: Risk Plan

Defense Logistics Information Systems: Risk Assessment
Byron Davis
IS3110

Defense Logistics Information Systems: Risk Assessment

Outline

Introduction2
Scope3
Qualitative and Quantitative Risk Assessments3
Key Departments and Roles4
Assessment Schedule5

Introduction
In order to create a safe and healthy workplace many companies create a risk assessment (RA). A risk assessment identifies potential hazardous threats, risk, or vulnerabilities and analyzes them to see what would possibly happen should those threats, risk, or vulnerabilities occur. It is important to remember that a risk assessment isn’t about paperwork but to identify and analyze any possible risks that might affect our agency, Defense Logistic Information Systems (DLIS). In addition to finding all possible risks, threats, and vulnerabilities, we will describe the possible impacts should these risks occur as well as ensure that DLIS being a federal agency complies with NIST and FISMA. Scope

The RA will be limited to the risks associated to DLIS and affected systems area that will be necessary for it to complete its mission. This RA won’t list operational areas unnecessary for DLIS to achieve its mission. This RA will not include payroll, base security or flight operations. Qualitative and Quantitative Risk Assessments

In planning a risk assessment, it is necessary to be aware of the two types of risk assessments, Qualitative and Quantitative. Qualitative Assessment is an approach that prioritization risks by priority or impact. It allows for the determination of greater risk in a short time that are more and are the least expensive. However, there are some downsides to a qualitative assessment, as it is completely inefficient when performing a Cost Benefit Analyst (CBA). Threat

Probability
Impact
Risk = P x I
IT – Hardware Issues
0.8
100
80%
Hurricane
0.2
100
20%
Tornado
0.3
100
30%
Fire – Internal
0.3
100
30%
IT – Operational Error (Human)
0.7
50
35%
Low FISMA Compliance Grade
0.5
100
50%
IT – System Software Issues
0.7
70
49%
IT – Hacking, Unauthorized Intrusions
0.5
70
35%
IT – Application Server Issues
0.3
100
30%
IT – Communications, Connectivity
0.6
100
60%
IT – Vendor Failure
0.4
100
40%
IT – Viruses
0.3
100
30%
Industrial Espionage
0.7
100
70%
Human Error
0.9
30
27%
Criminal – Theft
0.4
30
12%

Quantitative Assessment is an approach that allows for the consequences of incident occurrence in a monetary approach. This assessment is usually more accurate in detailing the damage that the risk, threats, or vulnerabilities can do to our agency. The disadvantage is that the assessment is dependent on the scope for the quantitative parameters and results on monetary value usually isn’t precise as well as the assessment it can be overall confusing. Key Departments and Roles

A. Director – Vice Admiral Mark D. Harnitchek – Provides the army, navy, air force, marine, corps, and other federal agencies with a variety of logistics, acquisitions, and technical services in peace and war. B. Director of Information Operations (J6) and Chief Information Officer – Kathy Cutler – Responsible for all the DLA agency information technology across the J6 worldwide enterprise. Also responsible for logistics information operations that include DOD logistics cataloging, electronic routing of DOD logistics transactions, and documentation of automation and production services. C. Executive Director of Logistics Support Directorate (J34) for DLA Logistics Operations (J3) – Jeffrey Curtis – Responsible for development and dissemination of enterprise-wide policy of key business and supply chain management functions for order fulfilment, planning, stock positioning, retail sustainment, transportation, distribution network, disposition, technical, and logistic research and development functions. D. Director of Strategic Plans and Policies...

References: Kirvan, P. (2008). A free IT risk assessment template. Retrieved from Techtarget: http://searchdisasterrecovery.techtarget.com/Risk-assessments-in-disaster-recovery-planning-A-free-IT-risk-assessment-template-and-guide
Kirvan, P. (2008). Getting started with a risk assessment. Retrieved from Techtarget: http://searchdisasterrecovery.techtarget.com/Risk-assessments-in-disaster-recovery-planning-A-free-IT-risk-assessment-template-and-guide
Rouse, M. (2005, September). What is A Perimeter Network. Retrieved from TechTarget: http://searchnetworking.techtarget.com/definition/network-perimeter
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • How Did Shakespeare Portray the Concept of Honor in Henry Iv Part 1 Essay
  • "Honor" in Henry Iv, Part I – Falstaff vs. Hotspur Essay
  • Essay on Unit 9 Project Part 1
  • Project Part 1 Essay
  • Project Part 1 Task 1 Essay
  • Project Part 1 Essay
  • NT2580 Project part 1 Essay
  • Essay about Project part 1

Become a StudyMode Member

Sign Up - It's Free