Risk Assessment

Topics: Business continuity planning, Risk management, Backup Pages: 7 (1733 words) Published: February 25, 2014
Defense Logistics Information Service
(DLIS)
Outline
1. Introduction
a. Scope
b. Assign to departments
c. Risk Matrix
d. Risk mitigation plan
e. Impact Analysis
2. (BIA)
a. Departments
b. Business Impact
c. Costs Analysis
3. Recommendations (BIA)
a. Business Impact Analysis Results
b. Maximum Acceptable Outage
4. (DLIS) Business Continuity Plan
a. Purpose
b. Scope
c. Plan Objectives
d. Disaster definition
e. Recovery teams
f. Team member responsibilities
g. Instructions for using the plan/Invoking the plan
h. Data backup policy
i. Offsite storage procedures
j. In the event of disaster
5. Computer Incident Response Team Plan
a. Secure funding for relocation
b. Notify EMT and corporate business units of recovery Startup c. Operations recovered

Introduction:
The purpose of the risk assessment plan is to avoid or mitigate the impacts of a threat or vulnerability. The risk assessment plan for the entire DLIS system will help assign responsibilities, identify the costs of an outage, provide recommendations, identify the costs of recommendations, document accepted recommendations, track implementation, and create a plan of action and milestones (POAM). Scope:

Risk assessment is used in every career and on every project in all fields of study. There are different types of risks involved depending on what you are doing. An architect has to assess all risks involved with weather; natural resources they may run into underground, the slightest miscalculation could throw the entire project off! Networking security personnel play a major role in the security of anything and everything within the network. There are risks involved with keeping servers secured when people try to hack into the system. Cyber security personnel are responsible for keeping all the information secure that is on the network. Key roles that will play a big part in the completion of this project will pertain to network security and reliability and client confidentiality. A. Department Managers | Departments will do a RA specific to their department. Duties will be carried out by Supervisors. | B. Employees | Employees will carry out task dependent on their department. | C. Assign to departments:

D. Risk matrix
E. Level | Likelihood Definition |
F. High | The threat source is highly motivated and sufficiently capable, and controls to prevent the vulnerability from being exercised are ineffective. | G. Moderate | The threat source is motivated and capable, but controls are in place that may impede successful exercise of the vulnerability. | H. Low | The threat source lacks motivation or capability, or controls are in place to prevent, or at least significantly impede, the vulnerability from being exercised. |

Risk mitigation plan
Risk mitigation: The next major step in measuring level of risk was to determine the adverse impact resulting from successful exploitation of vulnerability. The adverse impact of a security event can be described in terms of loss or degradation of any, or a combination of any, of the following three security goals: Loss of Confidentiality – Impact of unauthorized disclosure of sensitive information (e.g., Privacy Act). Loss of Integrity – Impact if system or data integrity is lost by unauthorized changes to the data or system. Loss of Availability – Impact to system functionality and operational effectiveness. Impact Analysis

Magnitude of Impact | Impact Definition |
High | Exercise of the vulnerability (1) may result in the highly costly loss of major tangible assets or resources; (2) may significantly violate, harm, or impede an organization’s mission, reputation, or interest; or (3) may result in human death or serious injury. | Moderate | Exercise of the vulnerability (1) may result in the costly loss of tangible assets or resources; (2) may violate, harm or impeded an organization’s mission, reputation, or interest; or (3) may result in human injury. | Low |...
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • Risk Assessment and Work Role Essay
  • Assessment 2 Ptlls Essay
  • Applying Risk Management Essay
  • Risk Management Plan Final Research Paper
  • Risk Assessment and Young People Essay
  • Risk Assessment Essay
  • CRITIQUE OF A CARDIOVASCULAR RISK ASSESSMENT TOOL Essay
  • Risk Assessment Essay

Become a StudyMode Member

Sign Up - It's Free