Risk Management in Information Technology Security
© ITT Educational Services, Inc.
All Rights Reserved. -73- Change Date: 05/25/2011
Unit 1 Assignment 1: Application of Risk Management Techniques
Learning Objectives and Outcomes
You will be able to identify different risk management techniques for the seven domains of a typical IT infrastructure and apply them under different situations.
As discussed in this Unit, after IT professionals identify threat/vulnerability pairs and estimate the likelihood of their occurrence, IT management must decide which risk management techniques are appropriate to manage these risks. IT managers then present this information to the senior management.
The role of the senior management is to allocate resources, specifically money and employees, to prepare for and respond to identified threats and vulnerabilities appropriately.
This assignment allows you to fulfill the role of an IT manager in a small business tasked with determining appropriate risk management techniques for identified threats and vulnerabilities and to make related recommendations to senior management.
Read the scenario given below and then complete the given assignment tasks that are given:
YieldMore is a small agricultural company that produces and sells fertilizer products. The company operates through its headquarters in a small town in Indiana. Outside its headquarters, there are two large production facilities—one in Nebraska and one in Oklahoma. Furthermore, YieldMore employs sales force personnel in every state in the U.S. to serve its customers locally.
The company has three servers located at its headquarters—Active Directory Server, a Linux application server, and an Oracle database server. The application server hosts YieldMore’s primary software application, which is proprietary program managing inventory, sales, supply-chain, and