StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Acuity Risk Management LLP - Case Study Example

Cite this document
Summary
The paper "Acuity Risk Management LLP" states that it is essential to state that confidential information is the type of data that concerns me such as my financial statements, education certificates, my medical records, and health status information. …
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER93.3% of users find it useful
Acuity Risk Management LLP
Read Text Preview

Extract of sample "Acuity Risk Management LLP"

Risk assessment of the Question 1. Three information assets of an organization to evaluate for risk management Data for question 1: Switch L47 connects a network to the internet. It has two vulnerabilities: (1) susceptibility to hardware failure, with a likelihood of 0.2, and (2) susceptibility to an SNMP buffer overflow attack, with a likelihood of 0.1. This switch has an impact rating of 90 and has no current controls in place. There is a 75 percent certainty of the assumptions and data. Server WebSrv6 hosts a company Web site and performs e-commerce transactions. It has Web server software that is vulnerable to attack via invalid Unicode values. The likelihood of such an attack is estimated at 0.1. The server has been assigned an impact value of 100, and a control has been implemented that reduces the impact of the vulnerability by 75 percent. There is an 80 percent certainty of the assumptions and data. Operator use the MGMT45 control console to monitor operations is the server room. It has no password and is susceptible to unlogged misuse by the operator. Estimates show the likelihood of misuse is 0.1. There are no controls in place on this asset, which has an impact rating of 5. There is a 90 percent certainty of the assumptions and data. From the above data, the three assets for the company are extremely valuable. The following is how the organization will approach in evaluation and additional of more controls. Switch L47 has 2 vulnerability. Vulnerability 1 Vulnerability 1 22.5 =(90*0.2)-((90*0.2)*0.0)+((90*0.2)*0.25) 22.5=18+0+ 4.5 =22.5 Vulnerability 2 11.25 =(90*0.1)-((90*0.1)*0.0)+((90*0.1)*0.25) =9+0+ 2.25 11.25 11.25 +22.5 Switch L47 connects a network to the internet should be evaluated first, and additional controls put in place to secure the internal network from external attacks. This asset is extremely significant since there are many attackers constantly trying to access the company information. Therefore, securing switch L47 is important. It has percentage impact (90%) with high uncertainty of 25%. There is no any control in place to secure this asset hence it should be given priority. Server WebSrv6 = (100*0.1)- ((100*0.1)*0.1)+((100*0.75)*0.2) 10-1+15 24 Hosts should be the second one to be evaluated and additional measures put in place. It has high impact rate and 20% of uncertainty rate. It is second to be evaluated although it has 100 impact value because it has a control in place already. The MGMT45 control console to should be the last one to be evaluated since it has low impact value of 5 with a low rate of uncertainty (10%). It can be evaluated and secured last. There is only one source of risk which the operator hence it is easy to evaluate and provide appropriate measures. Question 2 automated risk assessment tools AgenaRIsk This is a very essential decision support tool with high capability to analyze and help users in making decisions. It was developed by Agena Limited. It is can run on Windows and UNIX platforms. It enables users to model the prediction estimation and decisions about situations using complex algorithms. It costs £2,000 as the normal price. This software has a user graphical interface where the analysis model is a combination of several models such as Bayesian networks, simulation and spreadsheet-like analysis. AgenaRIsk is a vital tool in project risk analysis, testing hypothesis, carrying out statistical analysis, controlling the quality of a system and in developing expert systems. This tool is only applicable to Boolean nodes and ignores AgRisk This software was developed by Ohio State University. The risk automated tool was aimed at helping farmers in evaluating risk factors during harvesting to determine the risk revenue. It is windows based software where Corn, wheat, and sorghum use forward, futures and crop insurance options as input factors. Acertus™ This is a web-based risk assessment and mitigation software that enables clients in establishment, measurement, management and mitigation of risks. Organizations are not only able to control risk using the automated tool, but they can also assess security and comply with regulatory issues. It was developed by Securac Inc. Acuity Risk Management LLP This is a risk assessment and mitigation software that can be the free version downloaded from the company’s site. It can be customized by an organization to meet its policies in risk assessment, control performance and business management. Enterprise versions of the software is not free they are purchased. Question 3 threats to information According to this chapter on ‘risk management’ (Michael & Herbert, 2011) Software attacks- hacking and crackers are some of the software attackers who look for loopholes in the software. These instances have not been discussed before in the chapter. Sabotage or vandalism- sabotage can also result from misrepresentation of information by competitors on information systems. Technical failure- power supply problems are also a threat where information systems are exposed to power surge and electrical faults. Question 4 data classification scheme presented According to the chapter data is classified in three schemes a. Confidential- this is the most sensitive information that should be well guarded within the organization. b. Internal- this is type of information which does not meet the criteria for sensitive information. They are used internally in an organization. c. External- this is information that an organization can share out since it is approved by management. In my personal computers, confidential information is the type of data that concern me such as my financial statements, education certificates, my medical records and health status information. Internal information in my personal computer can be like my video files, music files that people can access but for personal use only. External data-this are the articles and other files that I would like to share with others publicly. Photographs that I want to share out on social media are external files. Question 5 risk assessment on the information contained in your home Vulnerability Asset Impact Vulnerability likelihood Risk-rating factor Theft 100 0.1 10 Software attack 90 0.1 9 Forces of nature 100 0.2 20 Trespass 55 0.3 16.5 Sabotage 55 0.01 0.55 Question 6 National Association of Corporate National Association of Corporate Directors (NACD) is a nonprofit organization which is composed of the board of directors from different businesses. It is leadership of the board that provide knowledge and clear guidelines on how to deal with ever changing business issues and dynamic business environment. The mission of the organization is “is to advance exemplary board leadership -for directors, by directors. We deliver the knowledge and insight that board members need to confidently navigate complex business challenges and enhance shareowner value. We amplify the collective voice of directors in setting a substantive policy agenda”(www.nacdonline.org). According to NACD, information security is legal issues and a liability. Protection of the board of directors and the stakeholders is a primary role done by implementation of the existing laws concerning information security. This role is played by the members of the board of directors. Information security is a continuous evaluation process which response accurate responses. Works Cited Michael, W. E., & Herbert, M. J. (2011). Principles of Information security 4th edition . Course Technology, Inc. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Risk Management Case Study Example | Topics and Well Written Essays - 1250 words”, n.d.)
Risk Management Case Study Example | Topics and Well Written Essays - 1250 words. Retrieved from https://studentshare.org/information-technology/1609629-risk-management
(Risk Management Case Study Example | Topics and Well Written Essays - 1250 Words)
Risk Management Case Study Example | Topics and Well Written Essays - 1250 Words. https://studentshare.org/information-technology/1609629-risk-management.
“Risk Management Case Study Example | Topics and Well Written Essays - 1250 Words”, n.d. https://studentshare.org/information-technology/1609629-risk-management.
  • Cited: 0 times

CHECK THESE SAMPLES OF Acuity Risk Management LLP

Business Assignment: Enterprise

The partners in an llp remain self-employed though they share tax depending on the amount profit acquired (Schell, 1999).... A UK llp is a corporate body; it has a continuing legal survival independent of its members.... A UK llp'S members have a collective responsibility.... The partners can often settle in an llp Agreement with no several responsibilities for one's actions.... Unlike sole traders, the llp itself, not individual members are answerable for any debts it encounters unless the individual has personally guaranteed a loan....
3 Pages (750 words) Assignment

Law Specialism Incorporated - Legal Firms and Internships

According to the paper 'Law Specialism Incorporated - Legal Firms and Internships', the recruitment and selection process for both law and non-law students are done formally such that all applicants are required to comply with the requirements: A&O First; attend the 'Open Days'; attend 'Summer Vacation Scheme'; attend 'Winter Vacation Scheme'....
10 Pages (2500 words) Essay

Financial Position of Wal-Mart

This paper "Financial Position of Wal-Mart " tells that established in 1962 by Sam Walton, Walmart has become the most heralded name in the global retail industry.... The company has been listed as the number one globally according to a survey of the Fortune magazine.... ... ... ... The Wal-Mart Company has its operations located in 15 different countries and is known by different names....
6 Pages (1500 words) Case Study

Types Of Organization Structures

The paper "Types Of Organization Structures " purposes to discuss the various forms of organizational structures that businesses fit it under the legal framework.... These four main types of organizations are the sole trader or sole proprietorship business.... ... ... ... A sole trader or a sole proprietorship type of business is a business structure established and owned by an individual, or a single legal person....
6 Pages (1500 words) Essay

Business Operations

Miriam on the other hand, may act as a partner limited on a limited liability basis thus, invest her capital in this venture, and still maintain her legal rights in the engagement of business management in the way she might desire.... An amendment done in 2001 that led to the Revised Uniform Limited Partnership Act (RULPA) gives an allowance to limited partners to engage in the limited partnership management without having to lose their shield as limited partners....
6 Pages (1500 words) Essay

Proposition to Introduce Cloud Client Architecture at Macfarlanes LLP

This report describes the proposition to introduce cloud/client architecture at Macfarlanes llp.... It aims to present a recommendation that will seek to achieve its successful introduction and implementation.... In conclusion it stipulates advantages and disadvantages of both cloud and client architecture....
6 Pages (1500 words) Report

Importance of a Financial Institutions

The paper "Capital risk" is a good example of a Finance & Accounting essay.... The financial system also facilitates trade and provides products that deal with risk and uncertainty(Alan, Hunt, & Hodgetts, 2011).... The paper "Capital risk" is a good example of a Finance & Accounting essay.... The financial system also facilitates trade and provides products that deal with risk and uncertainty(Alan, Hunt, & Hodgetts, 2011).... The paper "Capital risk" is a good example of a Finance & Accounting essay....
10 Pages (2500 words) Essay

Long-Term Investors Should Buy Equities

he truth of the matter is that investing in stocks carries with it a certain degree of risk.... The element of risk is normal.... The paper "Long-Term Investors Should Buy Equities" is a great example of a finance and accounting literature review.... Trading in equities is one of the most lucrative types of modern investment....
11 Pages (2750 words) Literature review
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us