Is3110T Lab 2 Assessment Worksheet

Lab #2 Assessment Worksheet
Align Risks, Threats, & Vulnerabilities to COBIT P09 Risk Management Controls
1.
  a. Unauthorized access from public internet - HIGH
  b. User destroys data in application and deletes all files - LOW
  c. Workstation OS has a known software vulnerability - HIGH
  d. Communication circuit outages - MEDIUM
  e. User inserts CDs and USB hard drives with personal photos, music and videos on organization-owned computers - MEDIUM
2.
  a. PO9.3 Event Identification – Identify threats with potential negative impact on the enterprise, including business, regulatory, legal, technology, trading partner, human resources and operational aspects.
  b. PO9.4 Risk Assessment – Assess the likelihood and impact of risks, using qualitative and quantitative methods.
  c. PO9.5 Risk Response – Develop a response designed to mitigate exposure to each risk; identify risk strategies such as avoidance, reduction and acceptance; determine associated responsibilities; and consider risk tolerance levels.
3.
  a. Unauthorized access from public internet - AVAILABILITY
  b. User destroys data in application and deletes all files - INTEGRITY
  c. Workstation OS has a known software vulnerability - CONFIDENTIALITY
  d. Communication circuit outages - AVAILABILITY
  e. User inserts CDs and USB hard drives with personal photos, music and videos on organization-owned computers - INTEGRITY
4.
  a. Unauthorized access from public internet – Operating system, software patches, updates, change passwords often, and hardware or software firewall.
  b. User destroys data in application and deletes all files – Restrict access for users to only those systems, applications, and data needed to perform their jobs. Minimize write/delete permissions to the data owner only.
  c. Workstation OS has a known software vulnerability – Define a workstation application software vulnerability window policy. Update application software and...