Retrieved de https://studentshare.org/information-technology/1608945-case-study
https://studentshare.org/information-technology/1608945-case-study.
1. What will Iris have on her to-do-list?Iris should have a lot of tasks on her to-do-list that would required to be managed and handled by her in order to achieve her objective. As per the discussion of Iris with Mike regarding revising the risk management documentation, I believe that the tasks on her to-do-list should include but not limited to a complete analysis of risk management including identification of risks / treats to the assets, specification of vulnerable assets, evaluating the risks by assessing the probability of happening the risk, assigning the value of probability and impact of the risks, risk reporting and communication, selection of responses (risk treatment) like preventing, reducing, transferring, accepting and contingency plans.
Moreover, the planning and organizing the processes so that a common or uniform input can be taken and evaluated company wide, development of asset inventory, and one of the most important tasks is to document all the findings and assessments. 2. What resources can Iris call on to assist her? I believe that the Iris should not rely only on the higher management and team members, but she should also involve all the stakeholders and end users, as they are always helpful resources. Moreover, it is required that the Iris should also do a little bit research over the internet (major resource after the stakeholders) to find out and follow the best practices, standards and guidelines to develop, manage, organize / categorize the tangible and intangible, moreover, prioritizing the assets along with their values to the organization.
Work CitedAIRMIC. A Risk Management Standard. 2002. Web. 19 Nov. 2012
Read More