$20 Bonus + 25% OFF +
5
%
Cashback
information
Securing Higher Grades Costing Your Pocket? Book Your Assignment at The Lowest Price Now!

Questions:

1) What are the five tasks required to get ready for a risk assessment?   Explain each one in your own terms and why the task is important.
2) Discuss the threats associated with privileged user accounts?  Please support your views from sources other than the assigned reading and also the text book.
3) Using fig 3 – the generic risk model in the document and the threat identified in question 2.  Identify the risks at the Organizational level, business process level and information system level.
4) Based on the risks identified, recommend the information system policies that would be required.  You do not need to write the policy in detail, simply provide the title and one sentence describing the policy.

 

Answers:

1. The five tasks required ready for risk assessment are:

Step 1: Identification the assessment purpose: In order to the current prevailing situation the organization needs to understand the difference between “hazards” and “risks”. A hazard is the potential to cause harm; whereas risk is the likelihood of the released potential harm (Sharma, Kottahachchi & Theebaprakasam, 2013).  It can be easily identified by using a couple of technique around the employee workplace.

Step 2: Identify the scope of the assessment: This step of risk assessment helps the organization to determine: (i) what categories are transmit the assessment, (ii) it specifies (how and what) part of the assessment are get affected in the organization, (iii) decision making process involved in the risk assessment, (iv) at what time span organization rules are relevant and (v) what influence the organization to update the risk assessment (Kim, Kim & Park, 2014). The scope of risk assessment also implies the overall information and report of conducting the assessment. It mainly depends upon the organization authorization boundary of information system (Kottahachchi, Shih & Theebaprakasam, 2015).

Step 3: Identification of constraints and assumptions associated with the assessment: It is very important to make certain assumptions and constraints for higher clarity as it helps the company management to increase productivity of assessment results. It includes threats events, threats sources, vulnerabilities conditions and approaches of assessment. Besides these, organizations also tend to identify several constraints which include availability of resources, skills assessment and business operational activities.

Step 4: Identification of sources of information in input assessment: The fourth step of risk assessment enables the organization to determine the vulnerability and threat relevant information. It generally divided into two segments internal sources of information and external sources of information (Sharma, Kottahachchi & Theebaprakasam, 2013). The sources of information include the information like business processes, functional management processes, enterprise architecture and organization environmental infrastructure.

Step 5: Review the risk assessment: In this approach, the organization facilitates and identifies the type of models used to accelerate the risk assessment task.

2. The threats that are associated with privileged user accounts are:

  1. Transcript of Security Accounts Threats: It is very important to have a proper security account with its password on the device. Avoid using consoled sign in procedures at any point of time.
  2.  Privileged inside threats: It generally includes mitigating and recycling credentials by sing default password account (Kottahachchi, Shih & Theebaprakasam, 2015). It is a very flexible system of authentication by logging it from more than one device.
  3. Spoofing attacks threats: It is primarily seen that hackers usually spoof users personal email accounts by mitigating unauthorized access from the system.
  4. The threats involved in organizational and business process level is very similar to risk involved in privileged user accounts. There is an absence of hybrid control systems, system specific controls and common controls which enables professional hackers to accelerate the mitigation user account system (Hamlen & Thuraisingham, 2013).  
  5. There are various similar threats that can replicate themselves and spread from one computer to another. They generally arrive by attaching themselves to files or email messages.
  6. The phishing threat is very well known threats involved in privileged user accounts. It implies attempting the gain access to financial details, passwords, and other personal privileged information.  It is normally done by email messages that pretend to come from any trusted websites or instant messaging or from any social networks.
 

3. There are various types of risk involve in company management, information system technology risk and business process level risk. These primary risks are classified into strategic risk, financial risk, operational risk and hazard risk (Sharma, Kottahachchi & Theebaprakasam, 2013). It is very important to make certain constraints for higher clarity as it helps the company management to increase production assessment. It includes threats events, threats sources, vulnerabilities conditions and approaches of assessment. The sources of information include the information like business processes, functional management processes, and enterprise architecture and organization environmental infrastructure.

Risk at organizational level: The risks involved in organizational level includes: acquisition risks, regulatory or compliance risk, legal risk, financial risk, safety risk, program risk, operational risk, supply chain risk, supply chain risk and tolerance risk. Additionally, there are several risk involved in internal company management like: operational planning risk, interim report risks and strategic risks (Hamlen & Thuraisingham, 2013).  

Risk at business process level: The risk at business process level includes: defining the core business process and missions with company aim and objectives, developing an organizational narrow details; protection incorporating strategy, accelerating the degree of autonomy for manipulating organizations with the parent company management which includes accepting, mitigating, evaluating and accessing and data security risk. Other business process risk includes: action plan risks, evaluation risk and establishment risk.

Risk at information system level: The risk involved in information system level includes information quality risk, equipment software risk, contingency planning risk, security architecture risk, data accuracy risk, project team risk, usability risk, political and strategic risk and resources risk. Additional there are various risk involved in information system like technical risks (communication issue, lack of experimented testers, human factor and poor coding factors) and functional risks (inexperience of a project leader, misevaluation of load and lack of client maturity).

4. The recommendations based on risk identified:

As the researcher has surveyed many case studies and research paper based on risk assessment it is to be recommended that:

  • Instead of logging in a privileged super user; it is beneficial to use an equivalent group that provides private access and characteristics of operating system like “sudo” or “Run as” that follow the permanent privileges escalation.
  • Control on User account enables the user to accelerate privileges for software legacy that run on the system administrator.
  • It is necessary to improve the session management by achieving compliance privileged access for remote vendors, administrators, and high risk users.
  • The risk involved in organizational level, information level and business process level can be easily minimized by implementation of security controls system in the management which includes hybrid control systems, system specific controls and common controls (Sharma, Kottahachchi & Theebaprakasam, 2013).
  • Consideration of risk transference: Generally in many multi-national companies risk can be transferred to any third parties via an insurance policy and legal agreement. Now-a-days, most of the companies come with the cyber insurance policy to minimize the risk assessment policy (Hamlen & Thuraisingham, 2013). It is strictly recommended to implement a strategy of cyber insurance policy in a company management to ensure lesser risk in future.
 

References

Hamlen, K. W., & Thuraisingham, B. (2013). Data security services, solutions and standards for outsourcing. Computer Standards & Interfaces,35(1), 1-5.

Kim, Y., Kim, I., & Park, N. (2014). Analysis of cyber attacks and security intelligence. In Mobile, Ubiquitous, and Intelligent Computing (pp. 489-494). Springer Berlin Heidelberg.

Kottahachchi, B., Shih, K. Y., & Theebaprakasam, A. (2015). U.S. Patent No. 9,152,783. Washington, DC: U.S. Patent and Trademark Office.

Sharma, H., Kottahachchi, B., Theebaprakasam, A., & Shih, K. Y. (2013).U.S. Patent Application No. 13/485,408.

OR

MyAssignmenthelp.com boasts a pool of 3000+ experts from different backgrounds, who are solely dedicated to providing premier quality assignment help. Due to the diversity in our expert team, we are capable of providing academic assistance in more than 100 subjects. Some of our popular services include math assignment help, economic assignment help, accounting assignment help, statistics assignment help, law assignment help and more at a reasonable price.

Latest Samples

HA2011 Managerial Accounting 2

Download : 0 | Pages : 16

Answer: Introduction There are different aspects that determine the success of the business organizations; and the accounting and financial aspects are considered as crucial among them. It is the responsibility of the managements of the business organizations to continue their accounting and financial reporting related operations in the most perfect manner. In this context, it needs to be mentioned that there is a relation between the account...

Read More arrow

HI6026 Audit Assurance And Compliance 3

Download : 0 | Pages : 12

Answer: Introduction The top grossing companies in Australia are identified for their auditing and accounting skills which are based on the expert knowledge of taxation and auditing or accounting principles. It has been observed that the Woolworth Limited which is audited by one of the biggest companies which create audit reports called Deloitte have been earning huge revenues because of the clear analysis of all the accounts of the organizat...

Read More arrow

HA2032 Corporate And Financial Accounting 2

Download : 0 | Pages : 10

Answer: Introduction Nowadays, the importance of a proper financial reporting system has increased a lot for an organization to conduct its business successfully in the market. Also, the organization is needed to provide the public with proper disclosure of the information that is reliable in nature (Alvarez, 2013). This report will be based on the major emphasis that is experienced in a business if proper disclosure and discussion may o...

Read More arrow

LAW505 Taxation 2

Download : 0 | Pages : 13
  • Course Code: LAW505
  • University: Charles Sturt University
  • Country: Australia

Answers: Issue 1 The given task aims to highlight the tax implications with regards to the transactions that Amber has entered into. The impact of these transactions could lead to production of assessable income or have implications in the form of capital gains tax (CGT) when the underlying proceeds are capital. The crucial issues concerned are listed as below. 1) Shop sale – Whether the proceeds are revenue or capital? Also, the CGT i...

Read More arrow

HI6026 Audit Assurance And Compliance 2

Download : 0 | Pages : 10

Answer: Introduction The Enhanced Auditor report is an upgradation of the traditional auditor report which is intended to give more transparency and relevant information to the user group. The most important change as per the enhanced auditor reporting has been the inclusion of the Key Audit matters (KAMs) in the independent Auditor Report and how the auditors have gone about resolving the same. These revised standards and norms of reporting ...

Read More arrow
Next
watch

Save Time & improve Grade

Just share your requirement and get a customized solution.

question
We will use e-mail only for:

arrow Communication regarding your orders

arrow To send you invoices, and other billing info

arrow To provide you with information of offers and other benefits

1,142,757

Orders

4.9/5

Overall Rating

5,048

Experts

Our Amazing Features

delivery

On Time Delivery

Our writers make sure that all orders are submitted, prior to the deadline.

work

Plagiarism Free Work

Using reliable plagiarism detection software, Turnitin.com.We only provide customized 100 percent original papers.

time

24 X 7 Live Help

Feel free to contact our assignment writing services any time via phone, email or live chat.

subject

Services For All Subjects

Our writers can provide you professional writing assistance on any subject at any level.

price

Best Price Guarantee

Our best price guarantee ensures that the features we offer cannot be matched by any of the competitors.

Our Experts

Assignment writing guide
student rating student rating student rating student rating student rating 5/5

1758 Order Completed

99% Response Time

William Martinez

MS in Biology

Washington, United States

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

93 Order Completed

100% Response Time

Jackson Mitchell

MiM (Masters in Management) in Supply Chain Management

New Jersey, United States

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

1265 Order Completed

97% Response Time

James Cook

Masters in Management

Wellington, New Zealand

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

453 Order Completed

98% Response Time

Howard Asuncion

LLM in Criminal Law

London, United Kingdom

Hire Me

FREE Tools

plagiarism

Plagiarism Checker

Get all your documents checked for plagiarism or duplicacy with us.

essay

Essay Typer

Get different kinds of essays typed in minutes with clicks.

edit

GPA Calculator

Calculate your semester grades and cumulative GPa with our GPA Calculator.

referencing

Chemical Equation Balancer

Balance any chemical equation in minutes just by entering the formula.

calculator

Word Counter & Page Calculator

Calculate the number of words and number of pages of all your academic documents.

Refer Just 5 Friends to Earn More than $2000

Check your estimated earning as per your ability

1

1

1

Your Approx Earning

Live Review

Our Mission Client Satisfaction

Great paper, paid what expected. the writer knew what to write, would recommend everyone,

flag

User Id: 79950 - 20 Nov 2019

Australia

student rating student rating student rating student rating student rating

Great paper, answered the questions that was needed for the discussion. I would recommend this expert for future writing

flag

User Id: 79950 - 20 Nov 2019

Australia

student rating student rating student rating student rating student rating

Thank you for helping me with my assignment and once I get my grade from my lecturer I will let you know.

flag

User Id: 58449 - 20 Nov 2019

Australia

student rating student rating student rating student rating student rating

Perfect paper, expert knew what was asked for, thou little spelling errors and other gramma issue, besides that great paper. I would recommend everyone for this writer

flag

User Id: 79950 - 20 Nov 2019

Australia

student rating student rating student rating student rating student rating
Have any Query?