(Solved Homework): 1. If an organization has three information assets to evaluate for risk management purposes, as

1. If an organization has three information assets to evaluate for risk management purposes, as shown in the accompanying data, which vulnerability should be evaluated for additional controls first? Which vulnerability should be evaluated last?

• Switch L47 connects a network to the Internet. It has two vulnerabilities: (1) susceptibility to hardware failure, with a likelihood of 0.2, and (2) susceptibility to an SNMP buffer overflow attack, with a likelihood of 0.1. This switch has an impact rating of 90 and has no current controls in place. There is a 75 percent certainty of the assumptions and data. • Server WebSrv6 hosts a company Web site and performs e-commerce transactions. It has Web server software that is vulnerable to attack via invalid Unicode values. The likelihood of such an attack is estimated at 0.1. The server has been assigned an impact value of 100, and a control has been implemented that reduces the impact of the vulnerability by 75 percent. There is an 80 percent certainty of the assumptions and data. • Operators use the MGMT45 control console to monitor operations in the server room. It has no passwords and is susceptible to unlogged misuse by the operators. Estimates show the likelihood of misuse is 0.1. There are no controls in place on this asset, which has an impact rating of 5. There is a 90 percent certainty of the assumptions and data.

2. Using the Web, search for at least three tools to automate risk assessment. Collect information on automated risk assessment tools. What do they cost? What features do they provide? What are the advantages and disadvantages of each one?

Do not copy/paste word from word from websites without website name or use old examples.

Expert Answer

 Answer for Question 1:

The main reason for managing risk in a firm is to safeguard the Interests and assets of the firm hence risk management
is vital to allow the system owner to understand the risk and its magnitude to allocate its scarce resources mitigating
it and reducing it manageable level since it can never be reduced to zero.

In determining the likelihood and impact for each risk we should identify threats and vulnerabilities. From the three information assets,
switch L47 has the highest risk of attack and there are no controls to counter it, but the probability of occurrence
is very low as compared to other information assets. MGMT45 has a high chance of being attacked but its impact is relative
small compared to other information assets WebSrv6 has the highest impact on the organization and could affect valuable
e- commerce transactions fully if attacked and this would affect the overall performance of the organization.

All the three information assets are key components to the organization hence the management should use all means
to minimize or eliminate the threat, but since resources are scarce the management should go for the assets that if tampered with
could affect other systems from performing. This company website is hosted by the server and all the hardware and software
components are also relying on the server hence if the server is not protected the company’s valuable information could be
exposed and tampered with.

Answer for Question 2:
1.Risk assessment toolbox:
The UCOP Office of Risk Services (OPRS) offers several Excel-based tools intended to support the risk assessment process at each of the UC locations.

2.UC Tracker:
Information on UC Tracker, a web based tool to facilitate the review and documentation of key department controls as required by SAS 112/115.

3.UC Ready:
A systemwide program that enables all of our campuses, medical centers and national laboratory to better prepare to meet the challenges of resuming business operations after a major event occurs.

4.New initiative risk review workbook:
Helps you consider the strategic, financial, operational, compliance, reporting, and reputational risks associated with a new initiative or project.

Order NOW for a 10% Discount
Pages (550 words)
Approximate price: -

Why Us?

Top Quality and Well-Researched Papers

All ourbpapers are written from scratch. In fact, Clients who ask for paraphrasing services are highly discouraged. We have writers ready to craft any paper from scratch and deliver quality ahead of time.

Professional and Experienced Academic Writers

Our writers keeps you posted on your papers progress - providing you with paper outline/draft. You are also at liberty to communicate directly with your writer.

Free Unlimited Revisions

If you think we missed something, send your order for a free revision. You have 10 days to submit the order for review after you have received the final document. You can do this yourself after logging into your personal account or by contacting our support.

Prompt Delivery and 100% Money-Back-Guarantee

All papers are always delivered on time, in many cases quite ahead of time. In case we need more time to master your paper, we may contact you regarding the deadline extension. In case you cannot provide us with more time, a 100% refund is guaranteed.

Original & Confidential

We use several writing tools checks to ensure that all documents you receive are free from plagiarism. Our editors carefully review all quotations in the text. We also promise maximum confidentiality in all of our services.

24/7 Customer Support

Our support agents are available 24 hours a day 7 days a week and committed to providing you with the best customer experience. Get in touch whenever you need any assistance.

Try it now!

Calculate the price of your order

Total price:

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

No need to work on your paper at night. Sleep tight, we will cover your back. We offer all kinds of writing services.


Essay Writing Service

No matter what kind of academic paper you need and how urgent you need it, you are welcome to choose your academic level and the type of your paper at an affordable price. We take care of all your paper needs and give a 24/7 customer care support system.


Admission Essays & Business Writing Help

An admission essay is an essay or other written statement by a candidate, often a potential student enrolling in a college, university, or graduate school. You can be rest assurred that through our service we will write the best admission essay for you.


Editing Support

Our academic writers and editors make the necessary changes to your paper so that it is polished. We also format your document by correctly quoting the sources and creating reference lists in the formats APA, Harvard, MLA, Chicago / Turabian.


Revision Support

If you think your paper could be improved, you can request a review. In this case, your paper will be checked by the writer or assigned to an editor. You can use this option as many times as you see fit. This is free because we want you to be completely satisfied with the service offered.

× Contact Live Agents