Need task 1-4 need all that due today. (Need 2-3 Pg.) Doing it alone need Help
Question
Deliverables
Introduction:
Risk management is an important process for all organizations. This is particularly true in information systems, which provide critical support for organizational missions. The heart of risk management is a formal risk management plan. This activity allows you to fulfill the role of an employee participating in the risk management process in a specific business situation.
Scenario:
You are an information technology (IT) intern working for the Defense Logistics Information Service (DLIS) in Battle Creek, Michigan. DLIS is an organization within the Defense Logistics Agency (DLA), which is the largest logistics combat support agency for the Department of Defense. DLIS creates, manages, and disseminates logistics information to military and government customers using the latest technology.
Senior management at DLIS decided that the existing risk management plan for the organization is out of date, and that a new risk management plan must be developed. Because of the importance of risk management to the organization, senior management is committed to and supportive of the project to develop a new plan. You have been assigned to develop this new plan.
Project Part 2
Project Part 2 Task 1: Introduction and Business Impact Analysis Plan
As discussed so far in this course, risk management is an important process for all organizations. This is particularly true for information systems, which provide critical support for organizational missions. The heart of risk management is a formal risk management plan.
This part of the project is a continuation of Project Part 1, where you prepared an RA plan and a risk mitigation plan for the DLIS. Senior management at DLIS decided that the risk manager and his/her team should continue and develop an RA plan based on inputs provided by the team in earlier project deliverables. Management has also allocated funds for a risk mitigation plan and a BIA plan. Because of the importance of risk management to the organization, senior management is committed to and supportive of the project to develop a new plan. You have been assigned to develop this new plan.
Project Part 2 Task 2: Business Continuity Plan
After having reviewed and being impressed by your Project Part 1 on Risk Management, the senior management at DLIS decided that your team must also develop a BCP, as your team is doing so well. Management has also allocated all funds for a BCP, and your team has their full support, as well as free rein to call on any of them for participation or inclusion in your BCP plan. You have been assigned to develop this new plan after taking into consideration the following additional information on DLIS IT infrastructure.
DLIS has a global reach and at least 50 file servers and various databases (12) running everything from an enterprise resource planning (ERP) system to the organization payroll system that has an electronic funds transfer (EFT) capability. Other things worth noting are a warm site within 50 miles of the headquarters data center. No plans exist for it. You will want to use it in your BCP planning. Currently, back-ups are done with an outside vendor. However, your team will want to recommend a new process (vendor), and develop a new back-up plan for approximately five terabytes (TB) of critical classified data. Do not forget to develop a testing plan for your team.
Explanation / Answer
In ideal risk management, a prioritization process is followed whereby the risks with the greatest loss (or impact) and the greatest probability of occurring are handled first, and risks with lower probability of occurrence and lower loss are handled in descending order. In practice the process of assessing overall risk can be difficult, and balancing resources used to mitigate between risks with a high probability of occurrence but lower loss versus a risk with high loss but lower probability of occurrence can often be mishandled.

Intangible risk management identifies a new type of a risk that has a 100% probability of occurring but is ignored by the organization due to a lack of identification ability. For example, when deficient knowledge is applied to a situation, a knowledge risk materializes. Relationship risk appears when ineffective collaboration occurs. Process-engagement risk may be an issue when ineffective operational procedures are applied. These risks directly reduce the productivity of knowledge workers, decrease cost effectiveness, profitability, service, quality, reputation, brand value, and earnings quality. Intangible risk management allows risk management to create immediate value from the identification and reduction of risks that reduce productivity.

Risk management also faces difficulties in allocating resources. This is the idea of opportunity cost. Resources spent on risk management could have been spent on more profitable activities. Again, ideal risk management minimizes spending (or manpower or other resources) and also minimizes the negative effects of risks.

Method:
For the most part, these methods consist of the following elements, performed, more or less, in the following order.
1. Identify, characterize, and assess threats
2. Assess the vulnerability of critical assets to specific threats
3. Determine the risk (i.e. the expected likelihood and consequences of specific types of attacks on specific assets)
4. Identify ways to reduce those risks
5. Prioritize risk reduction measures based on a strategy

IT risk management can be considered a component of a wider Enterprise risk management system. The establishment, maintenance and continuous update of an ISMS provide a strong indication that a company is using a systematic approach for the identification, assessment and management of information security risks. Different methodologies have been proposed to manage IT risks, each of them divided in processes and steps.

According to Risk IT, it encompasses not only the negative impact of operations and service delivery which can bring destruction or reduction of the value of the organization, but also the benefit/value enabling risk associated to missing opportunities to use technology to enable or enhance business or the IT project management for aspects like overspending or late delivery with adverse business impact.

Because risk is strictly tied to uncertainty, decision theory should be applied to manage risk as a science, i.e. rationally making choices under uncertainty. Generally speaking, risk is the product of likelihood times impact (Risk = Likelihood * Impact). The measure of an IT risk can be determined as a product of threat, vulnerability and asset values: Risk = Threat * Vulnerability * Asset

1. The total process to identify, control, and minimize the impact of uncertain events. The objective of the risk management program is to reduce risk and obtain and maintain DAA approval. The process facilitates the management of security risks by each level of management throughout the system life cycle. The approval process consists of three elements: risk analysis, certification, and approval.
2. An element of managerial science concerned with the identification, measurement, control, and minimization of uncertain events. An effective risk management program encompasses the following four phases:
   a. A risk assessment, as derived from an evaluation of threats and vulnerabilities.
   b. Management decision.
   c. Control implementation.
   d. Effectiveness review.
3. The total process of identifying, measuring, and minimizing uncertain events affecting AIS resources. It includes risk analysis, cost benefit analysis, safeguard selection, security test and evaluation, safeguard implementation, and systems review.
4. The total process of identifying, controlling, and eliminating or minimizing uncertain events that may affect system resources. It includes risk analysis, cost benefit analysis, selection, implementation and test, security evaluation of safeguards, and overall security review.