We're Open
support@instaresearch.co.uk
+44 7340 9595 39
+44 20 3239 6980

Module 1 SLP: Information Security System Risk Management

Information



  • Post Date 2018-11-05T12:11:06+00:00
  • Post Category Essays

No Plagiarism Guarantee - 100% Custom Written

Order Details

Module 1 SLP: Information Security System Risk Management

Module 1 SLP: Information Security System Risk Management

INSTRUCTIONS:

Module 1 - SLP
INFORMATION SECURITY SYSTEM RISK MANAGEMENT
This assignment requires you to do a cost and benefit analysis for the following company. You will need to study carefully the cost and benefit calculation section at "Home" of module 1.
Ebidding company has a ecommerce website that generate $500,000 per year. Calculate the annualized rate of occurrence (ARO) and annualized loss expectancy (ALE) for each risk:
Category Cost per incident Frequency of occurrence
Programming errors $1,000 2 per week
Information theft(hacker) $2,000 1 per quarter
Information theft(employee) $5,000 1 per year
Viruses $1,000 1 per year
Denial of service attacks $3,500 1 per 6 month
Natural diaster $100,000 1 per 20 years
Note: read background materials, and also make sure to convert frequency of occurrence to yearly base.
One year past, calculate the cost and benefit of controls that have been in place.
Category
Cost per incident
Frequency of occurrence
Cost of control Type of control
Programming errors $1,000 2 per week $2500 Training
Information theft(hacker) $2,000 1 per quarter $10,000 Firewall
Information theft(employee) $5,000 1 per year $10,000 Physical security
Viruses $1,000 1 per year $10,000 Anti-virus
Denial of service attacks $3,500 1 per 6 month $10,000 Firewall
Natural diaster $100,000 1 per 20 years $15,000 Insurance

CONTENT:



MODULE 1 - SLP INFORMATION SECURITY SYSTEM RISK MANAGEMENT

Name:

Instructor:

Institution:

Date:

According to Bragg (2002), risk management entails all the processes and efforts necessary, so as to assist in the mitigation or reduction of the risks that can compound an organization’s information assets. Risk management entails identification of any risks, evaluation of the risks, and any probabilistic estimation of the risks, before then coming up with the most efficient ways of managing the risk. The assessment and approximations usually go as far as measuring the extent of the risks and the cost of containing them (Wheeler, 2011).


...

Price: £ 99

100% Plagiarism Free & Custom Written, Tailored to your instructions