Using the information asset valuation/impact evaluation method presented in chapter 8, conduct a preliminary risk assessment of the organization’s critical information. Answer each of the questions covered in the chapter. What would it cost if the organization lost all of their data?
[Insert Answers Here] The cost would honestly be potential loss of human life, therefore Billions.
1. What is risk management? A process that identifies vulnerabilities in an organization’s information system and takes carefully reasoned steps to assure the confidentiality, integrity, and availability of all components in the organization’s information system.
2. List and describe the key areas of concern ...view middle of the document...
10. What value would an automated asset inventory system have for the risk identification process? An automated asset inventory system would be valuable to the risk identification process because all hardware components are already identified – models, make and locations – then management can review for the most critical items and assess the values.
11. Which information attributes are seldom or never applied to software elements? IP Address, Mac Address, Manufacturers model or part number, physical location
12. Which information attribute is often of great value for networking equipment when
Dynamic Host Configuration Protocol (DHCP) is not used?
13. When you document procedures, why is it useful to know where the electronic versions are stored? Authorized users must be able to easily locate documents; these documents are not static and must be updated regularly. They also need to be readily retrieved in the event systems become unavailable
14. Which is more important to the information asset classification scheme, that it be comprehensive or that it be mutually...