Bundle: Principles Of Information Security, Loose-leaf Version, 6th + Lms Integrated Mindtap Computer Security, 1 Term (6 Months) Printed Access Card
Bundle: Principles Of Information Security, Loose-leaf Version, 6th + Lms Integrated Mindtap Computer Security, 1 Term (6 Months) Printed Access Card
6th Edition
ISBN: 9781337750738
Author: Michael E. Whitman, Herbert J. Mattord
Publisher: Cengage Learning
Expert Solution & Answer
Book Icon
Chapter 5, Problem 1RQ

Explanation of Solution

Risk management:

  • The process of identifying risk, evaluating its comparative magnitude, and taking some steps to reduce it to the acceptable level is referred as risk management.
  • The probability of defining something that will go wrong as a source of any event or due to any series of sequences is referred as risk.
  • A risk management plan contains assessment, analysis, and handling the risk.
  • It takes the step to ensure the confidentiality, integrity and availability of all the components in the organization’s information system.
  • It has three major undertakings:
    • Risk identification
    • Risk assessment
    • Risk control

Identifying the risk:

  • Identification of risk is important, because an individual should know what risks are available in the system and should be aware of the ways to control them.
  • Information should be analyzed and the system which stores, uses and transmit information should be checked repeatedly.
  • These steps should be taken to protect it from risk and to make sure up to which vulnerabilities they are susceptible.
  • Once the process has been identified, analyze what are the measures that have been already taken to protect the system.
  • Moving the asset from place does not really mean that the asset is kept safer.
  • Organizations will start implementing the control mechanisms, but they unfortunately neglect the periodic review, maintenance, revision which are necessary to run the system without risk.
  • Thus, the training programs, education and technologies which help in protecting the information should be maintained carefully and regularly.

Want to see more full solutions like this?

Subscribe now to access step-by-step solutions to millions of textbook problems written by subject matter experts!
Students have asked these similar questions
What does risk management entail? When it comes to risk management, why is it so important to identify risks and vulnerabilities associated with assets?
What does risk management entail? Why is it critical to identify risks and vulnerabilities to assets in risk management?
To phrase this question another way: what does it mean to manage risks? In the context of risk management, what are the primary reasons for the relevance of recognizing the risks and vulnerabilities associated with assets?
Knowledge Booster
Background pattern image
Similar questions
Recommended textbooks for you
Text book image
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Text book image
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Text book image
Information Technology Project Management
Computer Science
ISBN:9781337101356
Author:Kathy Schwalbe
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning