Software Engineering (10th Edition)
ISBN: 9780133943030
Author: Ian Sommerville
Publisher: PEARSON
Expert Solution & Answer
Chapter 13, Problem 13.3E
Explanation of Solution
Need for preliminary risk assessment and design assessment:
System risk assessment is the set of activities an organization carries out to identify and understand the risks to its systems and data.
When a new system is developed, risk assessment is performed at different stages throughout its development life cycle.
- Preliminary risk assessment:
  - The preliminary risk assessment stage is needed because it identifies the generic risks applicable to systems.
  - Preliminary risk assessment also helps in deciding how to achieve an adequate level of security at a reasonable cost.
  - Preliminary risk assessment consists of data management risk, technical risk, contractual risk and employee risk...