country
$20 Bonus + 25% OFF
Securing Higher Grades Costing Your Pocket? Book Your Assignment at The Lowest Price Now!

Questions:

1) What are the five tasks required to get ready for a risk assessment?   Explain each one in your own terms and why the task is important.
2) Discuss the threats associated with privileged user accounts?  Please support your views from sources other than the assigned reading and also the text book.
3) Using fig 3 – the generic risk model in the document and the threat identified in question 2.  Identify the risks at the Organizational level, business process level and information system level.
4) Based on the risks identified, recommend the information system policies that would be required.  You do not need to write the policy in detail, simply provide the title and one sentence describing the policy.

 

Answers:

1. The five tasks required ready for risk assessment are:

Step 1: Identification the assessment purpose: In order to the current prevailing situation the organization needs to understand the difference between “hazards” and “risks”. A hazard is the potential to cause harm; whereas risk is the likelihood of the released potential harm (Sharma, Kottahachchi & Theebaprakasam, 2013).  It can be easily identified by using a couple of technique around the employee workplace.

Step 2: Identify the scope of the assessment: This step of risk assessment helps the organization to determine: (i) what categories are transmit the assessment, (ii) it specifies (how and what) part of the assessment are get affected in the organization, (iii) decision making process involved in the risk assessment, (iv) at what time span organization rules are relevant and (v) what influence the organization to update the risk assessment (Kim, Kim & Park, 2014). The scope of risk assessment also implies the overall information and report of conducting the assessment. It mainly depends upon the organization authorization boundary of information system (Kottahachchi, Shih & Theebaprakasam, 2015).

Step 3: Identification of constraints and assumptions associated with the assessment: It is very important to make certain assumptions and constraints for higher clarity as it helps the company management to increase productivity of assessment results. It includes threats events, threats sources, vulnerabilities conditions and approaches of assessment. Besides these, organizations also tend to identify several constraints which include availability of resources, skills assessment and business operational activities.

Step 4: Identification of sources of information in input assessment: The fourth step of risk assessment enables the organization to determine the vulnerability and threat relevant information. It generally divided into two segments internal sources of information and external sources of information (Sharma, Kottahachchi & Theebaprakasam, 2013). The sources of information include the information like business processes, functional management processes, enterprise architecture and organization environmental infrastructure.

Step 5: Review the risk assessment: In this approach, the organization facilitates and identifies the type of models used to accelerate the risk assessment task.

2. The threats that are associated with privileged user accounts are:

  1. Transcript of Security Accounts Threats: It is very important to have a proper security account with its password on the device. Avoid using consoled sign in procedures at any point of time.
  2.  Privileged inside threats: It generally includes mitigating and recycling credentials by sing default password account (Kottahachchi, Shih & Theebaprakasam, 2015). It is a very flexible system of authentication by logging it from more than one device.
  3. Spoofing attacks threats: It is primarily seen that hackers usually spoof users personal email accounts by mitigating unauthorized access from the system.
  4. The threats involved in organizational and business process level is very similar to risk involved in privileged user accounts. There is an absence of hybrid control systems, system specific controls and common controls which enables professional hackers to accelerate the mitigation user account system (Hamlen & Thuraisingham, 2013).  
  5. There are various similar threats that can replicate themselves and spread from one computer to another. They generally arrive by attaching themselves to files or email messages.
  6. The phishing threat is very well known threats involved in privileged user accounts. It implies attempting the gain access to financial details, passwords, and other personal privileged information.  It is normally done by email messages that pretend to come from any trusted websites or instant messaging or from any social networks.
 

3. There are various types of risk involve in company management, information system technology risk and business process level risk. These primary risks are classified into strategic risk, financial risk, operational risk and hazard risk (Sharma, Kottahachchi & Theebaprakasam, 2013). It is very important to make certain constraints for higher clarity as it helps the company management to increase production assessment. It includes threats events, threats sources, vulnerabilities conditions and approaches of assessment. The sources of information include the information like business processes, functional management processes, and enterprise architecture and organization environmental infrastructure.

Risk at organizational level: The risks involved in organizational level includes: acquisition risks, regulatory or compliance risk, legal risk, financial risk, safety risk, program risk, operational risk, supply chain risk, supply chain risk and tolerance risk. Additionally, there are several risk involved in internal company management like: operational planning risk, interim report risks and strategic risks (Hamlen & Thuraisingham, 2013).  

Risk at business process level: The risk at business process level includes: defining the core business process and missions with company aim and objectives, developing an organizational narrow details; protection incorporating strategy, accelerating the degree of autonomy for manipulating organizations with the parent company management which includes accepting, mitigating, evaluating and accessing and data security risk. Other business process risk includes: action plan risks, evaluation risk and establishment risk.

Risk at information system level: The risk involved in information system level includes information quality risk, equipment software risk, contingency planning risk, security architecture risk, data accuracy risk, project team risk, usability risk, political and strategic risk and resources risk. Additional there are various risk involved in information system like technical risks (communication issue, lack of experimented testers, human factor and poor coding factors) and functional risks (inexperience of a project leader, misevaluation of load and lack of client maturity).

4. The recommendations based on risk identified:

As the researcher has surveyed many case studies and research paper based on risk assessment it is to be recommended that:

  • Instead of logging in a privileged super user; it is beneficial to use an equivalent group that provides private access and characteristics of operating system like “sudo” or “Run as” that follow the permanent privileges escalation.
  • Control on User account enables the user to accelerate privileges for software legacy that run on the system administrator.
  • It is necessary to improve the session management by achieving compliance privileged access for remote vendors, administrators, and high risk users.
  • The risk involved in organizational level, information level and business process level can be easily minimized by implementation of security controls system in the management which includes hybrid control systems, system specific controls and common controls (Sharma, Kottahachchi & Theebaprakasam, 2013).
  • Consideration of risk transference: Generally in many multi-national companies risk can be transferred to any third parties via an insurance policy and legal agreement. Now-a-days, most of the companies come with the cyber insurance policy to minimize the risk assessment policy (Hamlen & Thuraisingham, 2013). It is strictly recommended to implement a strategy of cyber insurance policy in a company management to ensure lesser risk in future.
 

References

Hamlen, K. W., & Thuraisingham, B. (2013). Data security services, solutions and standards for outsourcing. Computer Standards & Interfaces,35(1), 1-5.

Kim, Y., Kim, I., & Park, N. (2014). Analysis of cyber attacks and security intelligence. In Mobile, Ubiquitous, and Intelligent Computing (pp. 489-494). Springer Berlin Heidelberg.

Kottahachchi, B., Shih, K. Y., & Theebaprakasam, A. (2015). U.S. Patent No. 9,152,783. Washington, DC: U.S. Patent and Trademark Office.

Sharma, H., Kottahachchi, B., Theebaprakasam, A., & Shih, K. Y. (2013).U.S. Patent Application No. 13/485,408.

Download Sample

Get 100% money back after download, simply upload your unique content* of similar no. of pages or more. We verify your content and once successfully verified 100% value credited to your wallet within 7 days.

Upload Unique Document

Document Under Evaluation

Get Credits into Your Wallet

*The content must not be available online or in our existing Database to qualify as unique.

Cite This Work

To export a reference to this article please select a referencing stye below:

My Assignment Help. (2017). Web And Data Security. Retrieved from https://myassignmenthelp.com/free-samples/web-and-data-security.

"Web And Data Security." My Assignment Help, 2017, https://myassignmenthelp.com/free-samples/web-and-data-security.

My Assignment Help (2017) Web And Data Security [Online]. Available from: https://myassignmenthelp.com/free-samples/web-and-data-security
[Accessed 07 July 2020].

My Assignment Help. 'Web And Data Security' (My Assignment Help, 2017) <https://myassignmenthelp.com/free-samples/web-and-data-security> accessed 07 July 2020.

My Assignment Help. Web And Data Security [Internet]. My Assignment Help. 2017 [cited 07 July 2020]. Available from: https://myassignmenthelp.com/free-samples/web-and-data-security.


MyAssignmenthelp.com boasts a pool of 3000+ experts from different backgrounds, who are solely dedicated to providing premier quality assignment help. Due to the diversity in our expert team, we are capable of providing academic assistance in more than 100 subjects. Some of our popular services include math assignment help, economic assignment help, accounting assignment help, statistics assignment help, law assignment help and more at a reasonable price.

Latest Samples

ISYS1055 Database Concepts For Decomposition And Functional Dependency

Download : 0 | Pages : 3
  • Course Code: ISYS1055
  • University: RMIT University
  • Country: Australia

Answer: Answer to Question 1: The candidate key for the doctor table is Rego. The candidate key for Patient Table is ID. The appointment table has candidate key, ID. The tables are already in third normal form. All the attributes in the database are atomic. Each of the tables has primary key. There is no non-functional dependency or transitive dependency. Answer to Question 2: Functional Dependency: The given custID has been presented as ...

Read More arrow Tags: Australia Melbourne Accounting Accounting theory and accountability University of Melbourne 

ACC203 Management Accounting Method

Download : 0 | Pages : 10
  • Course Code: ACC203
  • University: Elite Educational Institute
  • Country: Australia

Answer: 1. Explaining how the management accountant can help contribute design and operations of the new management accounting system for the new hospital: Being the management accountant relevant skill is needed by the individuals for adequately conducting operations. The same skills of a management accountant can help in designing and operating the new management accounting system for the new hospital. In addition, the management accounting...

Read More arrow

HI6026 Audit, Assurance And Compliance For Australian Security Exchange

Download : 0 | Pages : 9

Answer: Introduction Auditing is the process to examine the financial statements of the business entities in order to find out any material missstements in them. While auditing the statements, the responsibility of the auditors is to take into consideration the major risks of material misstatements and to take necessary steps to reduce them. On the other hand, Australian Security Exchange (ASX) has provided the companies with eight principles i...

Read More arrow Tags: Australia Campsie Management University of New South Wales 

HSC203 Indigenous Health Perspectives 2

Download : 0 | Pages : 8
  • Course Code: HSC203
  • University: Charles Darwin University
  • Country: Australia

Answer: Introduction The assessment is made in regards to conduct the literature review based on the analysis of the impact of historical, social process among the indigenous people of Australia and its effects on the Australian Aboriginal Strait’s health. All the above-identified factors give a wide impact on the indigenous health of people and affect the overall health of the common people. The several disparities have been created am...

Read More arrow Tags: Australia indigenous health perspectives Charles Darwin University 

CSM80003 Construction Law

Download : 0 | Pages : 8

Answer: Case Analysis 1 Hyblewski v Bellerive Homes Pty Ltd. [2019] ACTSC 44 The Supreme Court had released a judgment which had serious implications on the defendants who were considered to be involved in certain actions that were relating to defective building works which in compliance with the Building Act 2004 (ACT) as such also raised certain serious questions relating to the apportionment of the responsibility regarding the building ca...

Read More arrow Tags: Australia Arlington Management University of New South Wales 
Next
watch

Save Time & improve Grade

Just share Requriment and get customize Solution.

question
We will use e-mail only for:

arrow Communication regarding your orders

arrow To send you invoices, and other billing info

arrow To provide you with information of offers and other benefits

1,356,976

Orders

4.9/5

Overall Rating

5,080

Experts

Our Amazing Features

delivery

On Time Delivery

Our writers make sure that all orders are submitted, prior to the deadline.

work

Plagiarism Free Work

Using reliable plagiarism detection software, Turnitin.com.We only provide customized 100 percent original papers.

time

24 X 7 Live Help

Feel free to contact our assignment writing services any time via phone, email or live chat.

subject

Services For All Subjects

Our writers can provide you professional writing assistance on any subject at any level.

price

Best Price Guarantee

Our best price guarantee ensures that the features we offer cannot be matched by any of the competitors.

Our Experts

Assignment writing guide
student rating student rating student rating student rating student rating 5/5

647 Order Completed

98% Response Time

Adlina Han

Masters in Marketing with Specialization in Branding

Singapore, Singapore

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

265 Order Completed

97% Response Time

Ken Campbell

MSc in Electrical Engineering

Wellington, New Zealand

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

453 Order Completed

98% Response Time

Howard Asuncion

LLM in Criminal Law

London, United Kingdom

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

440 Order Completed

99% Response Time

Jack Arens

MBA in HRM

London, United Kingdom

Hire Me

FREE Tools

plagiarism

Plagiarism Checker

Get all your documents checked for plagiarism or duplicacy with us.

essay

Essay Typer

Get different kinds of essays typed in minutes with clicks.

edit

GPA Calculator

Calculate your semester grades and cumulative GPa with our GPA Calculator.

referencing

Chemical Equation Balancer

Balance any chemical equation in minutes just by entering the formula.

calculator

Word Counter & Page Calculator

Calculate the number of words and number of pages of all your academic documents.

Refer Just 5 Friends to Earn More than $2000

Check your estimated earning as per your ability

1

1

1

Your Approx Earning

Live Review

Our Mission Client Satisfaction

I\'m very pleased with my dissertation report. My Assignment Help was very helpful, and they were quick in response to every question asked.

flag

User Id: 364796 - 07 Jul 2020

Australia

student rating student rating student rating student rating student rating

i got a really good grade, im really happy with the resolution i got also the price was very good

flag

User Id: 343054 - 07 Jul 2020

Australia

student rating student rating student rating student rating student rating

Good solution for my statistics final project. It met all the requirements and helped me get a good grade.

flag

User Id: 429802 - 06 Jul 2020

Australia

student rating student rating student rating student rating student rating

Thanks you all for everything. I were in a hard time with getting my assignment done and i really thankful for it.

flag

User Id: 452417 - 06 Jul 2020

Australia

student rating student rating student rating student rating student rating
callback request mobile
Have any Query?