StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

IT Risk managment - Research Paper Example

Cite this document
Summary
Assignment: I.T Risk Management Question # 1: Hot Site: Hot site is a disaster recovery service and facility that looks into the organization data bases setup. A hot site consists of all the equipment required by the enterprise for performing operations, that include office space, furniture, and other computer equipment…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER95.3% of users find it useful
IT Risk managment
Read Text Preview

Extract of sample "IT Risk managment"

Assignment: I.T Risk Management Question Hot Site: Hot site is a disaster recovery service and facility that looks into the organization data bases setup. A hot site consists of all the equipment required by the enterprise for performing operations, that include office space, furniture, and other computer equipment. The enterprise carries all the data to hot site in case of inoperable functioning .Hot site is a backup and carbon copy with real time synchronization intact. In case of any disruption the hot site serves for relocation.

Hot sites are more useful and widely in use in organizations dealing with financial handling, E-commerce facility providers. Cold Site: A cold site is a disaster recovery service that serves as backup but the customers are needed to provide and install all the equipment needed for performing of operations. It provides physical space for recovery operation. Unlike hot site, it doesn’t include hardware setup. It is less costly, however takes time in getting into function .Monthly service charges are charged for performing cold and hot site backup Alternate Site: A location other than the normal facility used to perform critical business functions in the event of disaster occurrence.

Alternate site serves as plan B, it is termed as any facility that ensures smooth working despite the breakdown of original setup. Alternate site should be in place prior to any disaster occurrence. Several factors are to be considered in installing and setting up of an alternate site .It must be in accord with the ongoing processes that takes place during the normal activities during routine work. Several options can be created for alternate solution, one of them is to use a software based solution that routes the information to all essential components, and it must contain storage controllers that look into data transfer on basis of volume.

Question #2: Self test and evaluation can be grouped in to categories like software, hardware, and tools and they are done so for ease of use and handling. When grouped together it is easy to perform Verification, validation and certification of software packages. Grouping helps in controlled data program execution, mapping and hardware maintenance. The grouping further helps in understanding the Flow charts and ensuring that the testing and evaluation is performed according to the need of setup.

Grouping helps in dealing with similar items by placing them in similar facility . Question # 3: Comprehensive testing takes into account all the considerations that are important for the proper working of a system. It would look into the maintenance, installation , load balancing, regression and reliability testing. Comprehensive testing further looks into the overall environment that is suitable for proper installation and compatibility with the hardware equipment and sees if the tools and software being provided are operable with the existing setup.

Comprehensive testing would further ensure that the right kind of personnel are deployed at the right station of system who have sufficient enough knowledge of the equipment or the software that is under use Question # 4: The system testing can be performed in different ways depending on conditions and requirements. It could be based on the specifications or behavior and help determine the strength of software and hardware available. The abbreviated system testing is usually performed without documentation, it is sort of least formal testing conducted, and advantage of abbreviated system testing is, immediate detection of errors in system.

Comprehensive testing on other hand includes the performance test, compatibility test, error handling test, and is in documented version, accessibility test also falls under comprehensive testing and it checks for compliance with other systems and setups Question # 5: Risk assessment is the process of identifying and exposing the factors that may pose a threat to the proper working and achievement of end product. It is to mitigate the chances of occurrence of a failure. Risk assessment helps understanding and comprehending factors like potential loss that might occur due to failure and the magnitude of impact.

A proper framework should be developed in assessing the risk. Any system that is in contact with external environment is bound to risks and therefore would require proper risk assessment. Risk assessment helps not only in saving the time that might be taken in case of down time of a system but also the resources that might be used in order to make the setup functional again. Question 6: ST&E (Security Testing and Evaluation) Security testing in general is the process of determining information system is effective in protecting the data .

Security testing and evaluation leads to better security in information technology products and systems. It exerts a positive effect on overall system including the operational envirment, specifications. ST&E are effective in two ways. firstly, identification of errors and vulnerabilities ,secondly a rigorous evaluation which helps in reducing the chances of failure in future. Further ST&E addresses security requirements and their basis. Security testing and evaluation involves activies like configuration management, delivery and operation, high level security design, guidance document .

Question # 7: Contingency Plan: The prime purpose of contingency plan is to have a backup in case of disaster and dysfunction. It is the existence of an alternate plan or location that could be used in event of disaster ,emergency and system failure. Any system exposed to outside world will have some sort of risk associated with it .they are performed to minimize the risk to minimum. Contingency can be in form of network mapping, vulnerability scanning, integrity and configuration checking. The primary reason is to identify potential vulnerabilities and repair them prior to any disorder.

Contingency plan involves assigning virtual machines and create protection groups that will ensure proper working of virtual machines in case of failure. Few disaster recovery services offer self backup plan, in those cases complete contingency plan is not necessary Question # 8: Even if risk assessment is completed, performing contingency planning and system testing is advisable because it serves as second tier protection against anything that might happen as unforeseen. Risk assessment tells us about the factors that might pose a threat to system working ,but it doesn’t ensure 100 percent error free systems and the system breakdown ,down time, glitches are an equal threat ,therefore contingency planning and system testing and evaluation cannot be ruled out despite the best of risk assessments.

Risk assessment is the analysis of factors that pose a threat whereas Contingency planning and System evaluation is the practical implementation and step towards ensure the achievement of end product Question # 9: Security testing and Evaluation leads to better security in information technology related products and systems. ST&E positively effects the specifications, development processes, and operational environment. The members related directly to the software packages or hardware and tools are the best ones who can make proper recommendations for the proper working of system.

They are the ones who can identify the threats and improvements that can be made in the whole setup. The top management and decision makers are the ones that determine the appropriate action that is being recommended. In other words the middle management is assigned the task of making recommendations and Top management is responsible for deciding for action on suggestions. This is necessary for ensuring the proper functioning and making sure proper measures are taken in time for any mishap that may occur during daily performing of activities in a setup.

Question # 10: Risk assessment has to do with the analysis and quantifying of the factors and threats that stand as hurdles in achieving the desired results. System testing and evaluation design team directly contributes to extenuating the risk management and assessment more than the execution team. The execution team is primarily concerned with the practical implementation and contingency planning related activities. The design team provides a platform in form of analyzing all the factors that are risks to the system.

Question # 11: Contingency plan requires regular testing and updating because of the need for synchronization with the setup in action. It is being saved that an ounce of prevention is worth a pound of cure. In time Contingency activation can help save time and resources. A fault detected not only consumes time and resources but also eats up the time and resources that would otherwise be used for constructive processes. In other words the backup plan should be a replica of the original setup and all the changes taking place in original setup must be in synch with the backup facility.

Question # 12: Contingency plan is performed either part time or in full and this is evident in case of Hot site where the hot site itself serves as contingent option and incase of the enterprise becoming inoperable,all the data and records needed for proper functioning are moved to hot site in itself, other disaster recovery services provide backup options that allows for not acquiring the contingency plan as full time.

Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“IT Risk managment Research Paper Example | Topics and Well Written Essays - 750 words”, n.d.)
Retrieved from https://studentshare.org/information-technology/1430835-it-risk-managment
(IT Risk Managment Research Paper Example | Topics and Well Written Essays - 750 Words)
https://studentshare.org/information-technology/1430835-it-risk-managment.
“IT Risk Managment Research Paper Example | Topics and Well Written Essays - 750 Words”, n.d. https://studentshare.org/information-technology/1430835-it-risk-managment.
  • Cited: 0 times

CHECK THESE SAMPLES OF IT Risk managment

RISK MANAGEMENT

Your name Your class and section Your professor date risk Management and the risk Culture risk is the probability of loss.... risk management is the strategic planning and tactical decisions to reduce, avoid or eliminate risk, and therefore, loss.... Financial risk management deals with risks inherent in financial markets and company liquidity.... hellip; Operations risk management involves the actual risks of company operations....
4 Pages (1000 words) Essay

Risk Management Experiences in Relation to Hewlett-Packards PRM System

Despite threats coming risks, several companies have been lagging in terms of developing sound risk management strategies.... The primary goal of the paper is to establish the extent in which risk management is ingrained in business models developed by companies.... This is in reference to the Procurement risk Management (PRM) used at Hewlett-Packard.... The paper will also tackle various aspects of risk management strategies used in different industries including the services and public sectors....
49 Pages (12250 words) Dissertation

Risk and Risk Management within Multinational Banking

The potential for loss arises not only from microfactors like credit risk of the borrower but also from exogenous factors like political, social, and economic environments, which are beyond the control of any individual borrower--hence the concept of country risk and the associated practice of country risk assessment. … Originally, the purpose of country risk assessment was to identify risks that could affect a borrower's ability to repay according to the terms of the loan....
22 Pages (5500 words) Essay

Security and Risk Managment

It is interesting to note that the government has adopted four core strategies for dealing with the management and control of risk.... There is a high risk involved in the lives of the people living in the UK due to the terrorist activities and this risk...
14 Pages (3500 words) Essay

Risk Management in Hospitality Industry

It is the function of management to adequately analyze the risk scenario and be prepared… This is necessary both for the organization itself and for the society in which it operates. Euro Disney, the joint venture between the US parent company Walt Disney and the French government had to face severe and unexpected financial This experience is of immense help to the management studies and the hospitality industry, particularly in these days of great emphasis on globalization and expanding service industry....
15 Pages (3750 words) Essay

Security & Risk Management

The need for the understanding of risk The studies of risk perception and risk management have resulted in the development of different psychological models of risk perception.... These models play an important role in understanding the behavior of the people toward risk and their reactions.... This is followed by another brief discussion on risk perception which provides the base for the paper....
9 Pages (2250 words) Essay

Measurement and Prioritization of the Risks

This is done with the help of risk management process which is applied by the company in order… The various risks that are identified through the risk management process are schedule risk, financial risk, technical risk, political risk, social risk, risk Management Contents Contents 2 risk management process in order to identify the possible risk associated with construction 3 Measurement and prioritization of the risks 3Possible treatment of the risk exposures 4References 5Risk management process in order to identify the possible risk associated with constructionThe construction of high rise building in a commercial district by a property development construction company requires identification of possible risks in the process of construction....
2 Pages (500 words) Essay

Risk Management

In his speech, the speaker is of the thought that successful risk management is fundamental in everyday life.... The speaker indicates that risk management involves identifying risks, assessing them and focusing on whether… With the many examples of risks provided by the speaker such as mountain climbing, it is easy to make out what the speaker is bringing out in their speech.... Through the speech as well, one can easily plan on how to handle with risks that risk Management al affiliation risk Management In the video, the speaker sheds light on risk management....
1 Pages (250 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us