Overview
The following risks, threats, and vulnerabilities were found in an IT infrastructure. Consider the scenario of a Healthcare provider under HIPPA compliance law and what compliance to HIPPA involves
Given the list below, perform a qualitative risk assessment:
Determine which typical IT domain is impacted by each risk/threat/vulnerability in the “Primary Domain Impacted” column.
Next, for each of the identified risks, threats, and vulnerabilities, prioritize them by listing a “1”, “2”, and “3” next to each risk, threat, vulnerability in the “Risk Impact/Factor” column. “1” = Critical, “2” = Major, “3” = Minor. Use the following qualitative risk impact/risk factor metrics:
Craft an executive summary for management using the following 4-paragraph format. The executive summary must address the following topics:
Week 2 Lab: Assessment Worksheet
Perform a Qualitative Risk Assessment for an IT Infrastructure
Overview
Answer the following Assessment Worksheet questions pertaining to your qualitative IT risk assessment you performed.
Lab Assessment Questions & Answers
What is the goal or objective of an IT risk assessment?
Why is it difficult to conduct a qualitative risk assessment for an IT infrastructure?
What was your rationale in assigning “1” risk impact/ risk factor value of “Critical” for an identified risk, threat, or vulnerability?
When you assembled all of the “1” and “2” and “3” risk impact/risk factor values to the identified risks, threats, and vulnerabilities, how did you prioritize the “1”, “2”, and “3” risk elements? What would you say to executive management in regards to your final recommended prioritization?
Комментариев нет:
Отправить комментарий