null
US
Sign In
Sign Up for Free
Sign Up
We have detected that Javascript is not enabled in your browser. The dynamic nature of our site means that Javascript must be enabled to function properly. Please read our
terms and conditions
for more information.
Next up
Copy and Edit
You need to log in to complete this action!
Register for Free
45176
Security Mgt U5, risk analysis & mgt (part 2)
Description
IYM001 Mind Map on Security Mgt U5, risk analysis & mgt (part 2), created by jjanesko on 13/04/2013.
No tags specified
iym001
iym001
Mind Map by
jjanesko
, updated more than 1 year ago
More
Less
Created by
jjanesko
over 11 years ago
104
20
0
Resource summary
Security Mgt U5, risk analysis & mgt (part 2)
stages of the risk analysis and management process
stage 1
What is the value of the information being processed?
costs of assets
replacement costs
for software: only valued insofar as it provides competitive advantage
what devalues assets?
modification
unavailability
disclosure
destruction
communication interference
What parts of the system support which business processes?
identify assets
stage 2
identify threats, vulnerabilities and risk
What threats affect the system?
How vulnerable are our systems?
What conclusions can be reached about the risks to our security?
assessing a new system for risk
I do have a similar system.
use stats from this system
I don't have a similar system.
seek industry stats or best guess
types of threats
logical
communications
technical failures
human errors
physical
types of vulnerabilities
facilities and functionalities
system dependence
design
stage 3
How can the identified risks be met?
countermeasures
kinds
1. avoid
2. transfer
3. reduce threat
4. reduce vulnerability
5. reduce impact
6. detect
7. recover
review and mark countermeasrues
installed
not applicable
under consideration
requires management consultation to determine whether or not this countermeasure is applicable or not
prioritization
already in place
covers many threats
required
low cost high effectiveness
What improvements can be made to existing security?
gap analysis
highlights countermeasures that are not in place
Show full summary
Hide full summary
Want to create your own
Mind Maps
for
free
with GoConqr?
Learn more
.
Similar
Security Mgt, ISO 27001, PDCA
jjanesko
Exemplary Assignment Answers
jjanesko
Security Mgt, Flashcards for ISO 27000 series
jjanesko
Security Mgt U5, risk analysis and mgt (part 1)
jjanesko
Security Mgt U8, Information Assurance
jjanesko
Security Mgt U5, quantitative risk assessment forumula (image)
jjanesko
Security Mgt U8, Incident Recovery Image
jjanesko
Security Mgt U3, BS7799 (Part 2)
jjanesko
Security Mgt U3, BS7799 (Part 1)
jjanesko
Security Mgt U5, Risk Analysis Methods and Tools (image)
jjanesko
Security Mgt U10, Scope of Incident Response (chart)
jjanesko
Browse Library