Section 5: Controlling Risk

Given the following categories or areas where risk exists, and then the 3 assets for each, describe how you will test for associated risk:

Administrative
  - Human resources: Hiring and termination practices
  - Organizational structure: A formal security program
  - Security policies: Accurate, updated, and known or used

Technical
  - Access control: Least privilege
  - System architecture: Separated network segments
  - System configurations: Default configurations

Physical
  - Heating and air conditioning: Proper cooling and humidity
  - Fire: Fire suppression
  - Flood: Data center location

Solution Preview

Risk testing involves identifying the risk and analyzing the results. In any organization, risk testing is very important across all elements, from the administrative category to the technical and physical categories. The test is aimed at identifying the risk dimensions, which include size, experience and type. The risk test results are vital in the decision-making process of any organization. To test the risk associated with these categories, some formalized processes are followed. One of these processes is the judgment and instinct approach, which is a common approach to risk evaluation during testing (Garrick & Christie, 2010). This is an informal approach which uses knowledge and past experience

Total Number Count: 314 words