Principles of Information Security
5th Edition
ISBN: 9781285448367
Author: Michael E. Whitman, Herbert J. Mattord
Publisher: Course Technology
expand_more
expand_more
format_list_bulleted
Expert Solution & Answer
Chapter 5, Problem 1RQ
Explanation of Solution
Risk management:
- The process of identifying risk, evaluating its comparative magnitude, and taking some steps to reduce it to the acceptable level is referred as risk management.
- The probability of defining something that will go wrong as a source of any event or due to any series of sequences is referred as risk.
- A risk management plan contains assessment, analysis, and handling the risk.
- It takes the step to ensure the confidentiality, integrity and availability of all the components in the organization’s
information system . - It has three major undertakings:
- Risk identification
- Risk assessment
- Risk control
Identifying the risk:
- Identification of risk is important, because an individual should know what risks are available in the system and should be aware of the ways to control them.
- Information should be analyzed and the system which stores, uses and transmit information should be checked repeatedly.
- These steps should be taken to protect it from risk and to make sure up to which vulnerabilities they are susceptible.
- Once the process has been identified, analyze what are the measures that have been already taken to protect the system.
- Moving the asset from place does not really mean that the asset is kept safer.
- Organizations will start implementing the control
mechanisms , but they unfortunately neglect the periodic review, maintenance, revision which are necessary to run the system without risk. - Thus, the training programs, education and technologies which help in protecting the information should be maintained carefully and regularly.
Want to see more full solutions like this?
Subscribe now to access step-by-step solutions to millions of textbook problems written by subject matter experts!
Students have asked these similar questions
What exactly do you mean by risk management? What are the benefits of identifying assets' risks and vulnerabilities in risk management?
Risk management is a broad term. Why is risk management so concerned with identifying risks and vulnerabilities to assets?
What does risk management entail? Why is it critical to identify risks and vulnerabilities to assets in risk management?
Chapter 5 Solutions
Principles of Information Security
Ch. 5 - Prob. 1RQCh. 5 - Prob. 2RQCh. 5 - Prob. 3RQCh. 5 - Prob. 4RQCh. 5 - Prob. 5RQCh. 5 - Prob. 6RQCh. 5 - Prob. 7RQCh. 5 - Prob. 8RQCh. 5 - Prob. 9RQCh. 5 - Prob. 10RQ
Ch. 5 - Prob. 11RQCh. 5 - Prob. 12RQCh. 5 - Prob. 13RQCh. 5 - Prob. 14RQCh. 5 - Prob. 15RQCh. 5 - Prob. 16RQCh. 5 - Prob. 17RQCh. 5 - Prob. 18RQCh. 5 - Prob. 19RQCh. 5 - Prob. 20RQCh. 5 - Prob. 1ECh. 5 - Prob. 2ECh. 5 - Prob. 3ECh. 5 - Prob. 4ECh. 5 - Prob. 5ECh. 5 - Prob. 1CEDQCh. 5 - Prob. 2CEDQCh. 5 - Prob. 3CEDQCh. 5 - Prob. 1EDM
Knowledge Booster
Similar questions
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning