Risk Management Plan Essay


Introduction:
Information security continuous monitoring (ISCM) is defined as maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. This publication specifically addresses assessment and analysis of security control effectiveness and of organizational security status in accordance with organizational risk tolerance. Security control effectiveness is measured by correctness of implementation and by how adequately the implemented controls meet organizational needs in accordance with current risk tolerance. Organizational security status is determined using metrics established by the organization to best convey ...

Because of the importance of risk management, a new plan needs to be developed. The risk management plan is for the organization’s use only. This new risk management plan will not only minimize the amount of risk for future endeavors, but will also be in compliance with regulations such as the Federal Information Security Management Act (FISMA), Department of Defense (DOD), Department of Homeland Security (DHS), National Institute of Standards and Technology (NIST), Control Objectives for Information and Technology (COBIT), and Information Assurance Certification and Accreditation Process (DIACAP).

Scope:
This risk management plan is for the organization’s use only and covers its network, including remote access. Any sources outside the scope of this risk management plan may cause the network infrastructure to fail or make it a high-risk structure, because unprotected outside sources can interact with other outside sources, allowing hackers to infiltrate the system and steal important files. The scope of this project will include the planning, scheduling, budgeting, and consultation needed to perform an in-depth risk assessment and research to determine which compliance laws this organization must follow. We must identify all the risks and vulnerabilities associated with this organization and create viable solutions that may mitigate these risks as quickly and as inexpensively as possible without compromising the integrity and confidentiality of any business assets. A cost-benefit analysis should also be conducted prior to the planning phase of this project. Implementing and executing these policies and procedures in order to mitigate these risks is a critical part of this project’s process. Security features such as controls, auditing logs, applying patches, etc. will be implemented, monitored, reported, and documented. Other risks such as natural disasters and accidental fires/floods may also be considered risks and should be accommodated accordingly, including through a backup and disaster recovery plan.

Risk Management Procedure

The risk management procedure will start by obtaining senior management support and involvement, designating focal points, defining procedures, creating a schedule with milestones and deadlines, involving business and technical experts as consultants, and controlling, maintaining, monitoring, reporting, analyzing, and documenting results. This procedure will identify risks, threats, vulnerabilities, and the likelihood of those risks materializing; identify and rank critical issues and operations; estimate potential damage; identify cost-effective mitigating controls; and document assessment findings. All policies and procedures will support or be in compliance with the FISMA, COBIT, DIACAP, and PCI standards.

Risk Analysis
Risks may vary greatly, from natural disasters, operational errors, software vulnerabilities, financial hardships, or even human interactions such as attackers, buffer overflow attacks,...
