1. Engineering
  2. Computer Science
  3. total marks 100 assignment 1 risk computation and identifying strategies...

Question: total marks 100 assignment 1 risk computation and identifying strategies...

Question details

Total Marks: 100

Assignment 1: Risk computation and identifying strategies to secure information and assets

In this assignment, you are responsible for managing an email server for an IT organization. The email server can be considered connected with Internet 24/7, stores critical emails of all employees, need 24/7 to upkeep the business. Consider the server is geographically located in a city which has higher chance of earthquake, has very little rain, has small population with high standard health care system, very peaceful and quite place where citizens have safety and security assured. The organization has shortage of anti-virus software, and personnel to deal with security risks. You need to assign probability range between 0 and 1, and impact between scale 1 to 10. See the defined two tables below:

Level

Probability

Low

0.0 to 0.39

Medium

0.40 to 0.50

High

>0.50

Level

Impact

Low

1.0 to 3.99

Medium

4.00 to 5.00

High

5.01 to 10.00

Part A: [70 Marks]

Now fill out the following worksheet that is obtained from

http://searchdisasterrecovery.techtarget.com/Risk-assessments-in-disaster-recovery-planning-A-free-IT-risk-assessment-template-and-guide

Your Task is to assign probability of threat and impact level based on the description above and using your own discretion, followed by computing risk. For convenience, the first row is shown:

Risk analysis worksheet (Range of 0.0 to 1.0 for P and I)

Threat

Probability (P)

Impact (I)

Risk = P x I

Flooding – Internal [low, low]

0.1

2

0.2

Flooding – External [???, ???]

Fire – Internal

Fire – External

Severe Storms

Wind Storm

Earthquake

Tornado

Hurricane

Snow Storm

Ice Storm

Hail

Drought

Tsunami

Mud Slide

Epidemic

Pandemic

Explosion

Gas Leak

Structural Failure, e.g., Bridge Collapse

IT – System Software

IT – Applications

IT – Hardware

IT – Viruses

IT – Hacking, Unauthorized Intrusions

IT – Communications, Connectivity

IT – Vendor Failure

IT – Operational (Human) Error

Terrorism – Biological

Terrorism – Chemical

Terrorism – Radiological

Terrorism – Nuclear

Sabotage

Bomb Threat

Criminal – Theft

Criminal – Break-ins

Criminal – Vandalism

Criminal – Espionage

Work Action, Strike

Civil Disorder

Human Error

Other

Part B: [15 Marks]

After computing risk, list the top five threats based on your computation.

Part C: [15 Marks]

Could you suggest some protective measures or mitigation approaches to reduce these top five threats? Use your discretion.

Solution by an expert tutor
Blurred Solution
This question has been solved
Subscribe to see this solution