CMGT 582 Week 3 Risk Management Paper 1 - 1116 Words

Risk Management Christine A. Rosario CMGT/582 3 November 4, 2014 Professor David Hatfield Asset ID Asset Name Description Asset Value Priority Threat Description Controls in Place ARO Uncertainty Risk Value Controls Needed Action Plan ID 1 IT Rep Local IT presence 55000 Critical Absence; skill short-coming; request overload Alternates / CE: .8 .1 .05 1155 Addt’l training; addt’l backups AA 2 Security Officers Facility ( People) Security 75000 Critical Absence; weapons; stealth Reliability / Alternates / CE: .9 .001 .001 7.5075 N/A BB 3 HR Rep Human Resources 60000 High Absence; unauthorized disclosures Alternates / CE: .9 .001 .001 6.006 N/A CC 4 Security Training Required, annual, security process 10000 Medium Lack†¦show more content†¦As such, our company’s people resources pose the greatest risk for security breach. Our way to help mitigate risk in this area is to keep communication lines open in this area and to continually mandate security knowledge training, with mandatory updates on a regular basis. When the employees are informed of company policy when facing a security matter, they are better equipped to act in the best or right way. In this way knowledge is power – or at least empowerment to act in the best interest of the company’s information security. Risk Assessment Insights In the table above, an Asset Inventory and Risk Assessment is displayed for our local Customer Care operations. The assets considered are our local IT representative, our contracted security officers, our local HR representative, our annually-mandated information security training, our PeopleSoft software, our networked servers, our customer services database and application, and our employee database system. The asset value for each is listed based on the annual cost to the company for one local call center operation. The IT Rep and HR Rep values are based on annual salary for having one full-time equivalent of each available Monday through Friday. The Security Officer value is based on having two-and-a-half full-timeShow MoreRelatedCmgt 582 Week 42300 Words   |  10 Pagesand Risk Management Jason Lee CMGT/582 Security amp; Ethics June 9, 2011 James Taylor Asset Inventory and Risk Management This Asset Inventory and Risk Management Plan (RMP) will address the critical assets and the risks associated with each. The project will also discuss the Risk Management (RM) activities in support of the Backlog project. The RMP will: * Be integrated into all project management activities, and encourage working-level personnel to assimilate risk management principles