Draft Risk Management Plan
Ernest Martinez Jr.
October 22, 2012
Purpose The Senior Management of the Defense Logistics Information Services (DLIS) has decided to update the previous risk management plan with a developing, new risk management plan. This new risk management plan will not only minimize the amount of risk for future endeavors, but will also be in compliance with regulations such as the Federal Information Security Management Act (FISMA), Department of Defense (DOD), Department of Homeland Security (DHS), National Institute of Standards and Technology (NIST), Control Objects for Information and Technology (COBIT), and Information Assurance Certification and Accreditation Process (DAICAP).
The risk management plan is for the organization use only and its network, including remote access company owned building in United States. Outside sources from this scope and risk management plan may cause the network infrastructure to fail or will make it a high risk structure due to the fact that the outside source may not protected to interact with other outside sources allowing hackers to infiltrate your system and steal important files.
Federal Information Security Management Act (FISMA) compliance is required for federal agencies to protect their important information. Department of Homeland Security (DHS) compliance is to be required for protection to the United States against terrorists. There are other organizations in which standards are given for risk management projects, including: National Institute of Standards and Technology (NIST), Department of Defense (DOD) Information Assurance Certification and Accreditation Process (DAICAP), and Control Objects for Information and related Technology (COBIT).
Roles and Responsibilities
Project Manager (PM): The overall coordinator of the Risk Management Program.
• Maintaining the Risk Management Plan
• Maintaining the Risk Management
References: Enterprise Project Management Office. State of North Dakota. Retrieved from: www.nd.gov/itd/files/services/pm/risk-management-plan-sample.pdf Gibson, D. (2011). Managing risk in information systems. Sudbury, Mass.: Jones & Bartlett Learning. Risk Management Plan. (2007, November 29). Northrop Grumman . Retrieved October 16, 2012, from interop.mt.gov/content/docs/IM_Risk_Management_Plan_v4_0.pdf Rouse, M. (n.d.). What is Federal Information Security Management Act (FISMA)? - Definition from WhatIs.com. Information Security information, news and tips - SearchSecurity.com. Retrieved October 15, 2012, from http://searchsecurity.techtarget.com/definition/Federal-Information-Security-Management-Act