Premium Essay

Risk Assesment Plan


Submitted By Achaidez93
Words 1565
Pages 7
The purpose of the Risk Management Plan is to establish an approach to monitoring, evaluating, and managing risks throughout the life of the project. A risk is an uncertain event or condition that has a negative or positive effect on the project’s objectives.
The risk management plan will identify potential risk, assess individual risk and its impact on performance, cost, and schedule of the overall project and develop an action plan that handles individual risk.
The scope of this risk assessment assessed the system’s use of resources and controls (implemented or planned) to eliminate and/or manage vulnerabilities exploitable by threats internal and external to the Project. If exploited, these vulnerabilities could result in:
• Unauthorized disclosure of data
• Unauthorized modification to the system, its data, or both
• Denial of service, access to data, or both to authorized users
This Risk Assessment Report evaluates the confidentiality (protection from unauthorized disclosure of system and data information), integrity (protection from improper modification of information), and availability (loss of system access) of the system. Recommended security safeguards will allow management to make decisions about security-related initiatives.

This risk assessment methodology and approach was conducted using the guidelines in NIST SP 800-30, Risk Management Guide for Information Technology Systems. The assessment is broad in scope and evaluates security vulnerabilities affecting confidentiality, integrity, and availability. The assessment recommends appropriate security safeguards, permitting management to make knowledge-based decisions about security-related initiatives. The methodology addresses the following types of controls:
• Management Controls: Management of the

Similar Documents

Premium Essay

Business Paper

...Business and Commercial Awareness ------------------------------------------------- MODULE CODE: 6FBS1261MODULE LEADER: Mr. Neil GodfreyImplementation PlanMember: Jenna Julien                      ID NUMBER: 13028960Programme Delivered by:CTS College of Business and Computer Science Ltd.Submission Date: 07/01/2013Final Word Count:1302(Excluding, Table of Contents, Tables & References) | Table of Contents Section 1.0 1 OVERVIEW OF INVESTMENT AND IMPACT ON FINANCIAL DEPARTMENT: 1 Section 2.0 2 LINKAGES WITH OTHER DEPARTMENTS: 2 Section 3.0 3 MILESTONES AND TIME PLAN FOR FINANCIAL ACTIVITIES: 3 Section 4.0 4 RISK MANAGEMENT PLAN: 4 TABLE 1: Showing Risk Plan for Implementation Plan 5 TABLE 2: Showing Risk Assessment for Implementation Plan 5 Section 5.0 6 FINANCIAL OVERVIEW OF INVESTMENT: 6 COST-PLAN 6 TABLE 3: SHOWING DETAILED EXPENSE ACCOUNT 7 TABLE 4: SHOWING TOTAL PROJECTED YEARLY INCOME 8 TABLE 5: SHOWING PROJECTED COST-INCOME RATIO 8 TABLE 6: SHOWING TOTAL FORECASTED PROFITS 8 TABLE 7: SHOWING PROJECTED PROFIT-INCOME RATIO 9 TABLE 8: SHOWING PROJECTED BREAK-EVEN PERIOD FOR 9 Section 6.0 10 RESOURCE REQUIREMENTS BY THE FINANCE DEPARTMENT: 10 Section 7.0 11 KEY PERFORMANCE INDICATORS 11 Section 8.0 12 REFERENCES 12 Section 1.0 OVERVIEW OF INVESTMENT AND IMPACT ON FINANCIAL DEPARTMENT: The 3 star new build in Rio de Jainero, Brazil was chosen as the best investment idea by our syndicate...

Words: 2601 - Pages: 11

Premium Essay

Communication Product

...RESULTS-BASED PUBLIC SECTOR MANAGEMENT A Rapid Assessment Guide PLAN EVALUATE BUDGET RESULTS MONITOR IMPLEMENT i RESULTS-BASED PUBLIC SECTOR MANAGEMENT A Rapid Assessment Guide © 2012 Asian Development Bank All rights reserved. Published in 2012. Printed in the Philippines ISBN 978-92-9092-838-6 (Print), 978-92-9092-839-3 (PDF) Publication Stock No. TIM124978 Cataloging-In-Publication Data Asian Development Bank    Results-based public sector management: A rapid assessment guide. Mandaluyong City, Philippines: Asian Development Bank, 2012. 1. Managing for development results   2. Results-based management    3. Public sector.   I. Asian Development Bank. The views expressed in this publication are those of the authors and do not necessarily reflect the views and policies of the Asian Development Bank (ADB), its Board of Governors, or the governments they represent. ADB does not guarantee the accuracy of the data included in this publication and accepts no responsibility for any consequence of their use. By making any designation of or reference to a particular territory or geographic area, or by using the term “country” in this document, ADB does not intend to make any judgments as to the legal or other status of any territory or area. ADB encourages printing or copying information exclusively for personal and noncommercial use with proper acknowledgment of ADB. Users are restricted from reselling, redistributing, or creating...

Words: 5265 - Pages: 22

Premium Essay

Risk Management Plan for Defense Logistics Information Service

...Risk Management Plan for Defense Logistics Information Service 1. PURPOSE This Risk Management Plan is an overall look at how Defense Logistics Information Service can protect it’s data. The implication of lost confidential government data is the primary cause for this plan, and will be treated with the utmost importance. 2. GUIDING PRINCIPLES This plan will be presented through a formal, written, written risk management, and security safety program. The Security Safety and Risk Management Program supports the DLIS philosophy that government safety and risk management is everyone’s responsibility. Teamwork and participation among management, providers, and staff are essential for an efficient and effective patient safety and risk management program. The program will be implemented through the coordination of multiple organizational functions and the activities of multiple departments. DLIS supports the establishment of such clauses and best practices. An in depth look at mistakes made and ways we can learn from them will be at the forefront of out investigation. Constructive feedback will play a large part as well. In a just culture, unsafe conditions and hazards are readily and proactively identified, mistakes are openly dicussed, and suggestions for systematic improvements are welcomed. Individuals are still held accountable for compliance with safety and risk management practives. As such, if evaluation and investigation of an error or even reveal reckless behavior...

Words: 829 - Pages: 4

Premium Essay

Recognizing and Minimizing Tort and Regulatory Risk Plan

...Regulatory Risk Plan Recognizing and Minimizing Tort and Regulatory Risk Plan LAW/531 September 29, 2010 Introduction Alumina, Inc. makes aluminum products and has revenues of over $4 Billion Dollars. The company is based in the United States (US) with operations in eight other countries around the world. The US accounts for 70% of Alumina’s market share. Alumina has business interests in automotive components and manufacture packaging materials, bauxite mining, and Alumina refining and smelting. The company falls under the jurisdiction of Region 6 of the Environmental Protection Agency (EPA) (University of Phoenix, 2010). Recognizing and Minimizing Tort and Regulatory Risk Plan Companies and organizations such as Alumina, Inc. have corporate governances that require them to operate their businesses under government rules, regulations and boundaries. The rules and regulations have been authorized and enacted by major legislation, which are enacted by Congress and enforceable by laws. Minimizing the risk of tort liability is the goal of every organization and company. Five years ago Alumina was in violation of environmental discharge norms in a routine EPA compliance evaluation inspection. The EPA ordered a cleaned up and Alumina complied right away. Now, the case of negligence starts. The government places a high level the importance on the preservation of the environment and enforces environmental regulations. Alumina has to come up with a risk management...

Words: 1581 - Pages: 7

Premium Essay

Improving Security Through Layed Security

...innovate, collaborate, and achieve competitive advantages. The security approach that many organizations have been forced to take in the past have been a reactive approach rather than viewing information security as a business enabler they see it as a inhibitor, designed to prevent bad things from happening. The problem with this is that good efforts in one area can be quickly nullified by failures in another. To help with its security transformation, Global called upon the expertise of CIS, its own security division, CIS’s information risk management strategy brings together, within a global framework, all the components that an organization needs to plan and implement an end-to-end approach for protecting a business’s most critical information assets. Looking a compliance you have to understand that there are certain laws that apply to financial data. The question at hand is looking at reporting from a unsecure network. Bringing in a risk team will first a foremost put that to a stop, finance data should not be reported over unsecured networks, this can a violation of compliance law by letting information out be that either non encrypted or passing it along where it is vulnerable. Assuring the integrity and security of personal information held by banks, insurance...

Words: 1132 - Pages: 5

Premium Essay

Impact of Complexity and Uncertainty on Project Planning Process

...(Vidal et al. 2011, p. 719) define project complexity as the property of a project which make it difficult to understand, foresee and keep under control, even when given reasonably complete information about the project system. Besner and Hobbs project (2012) established that size, complexity and together with risk (known unknown) and uncertainty (unknown unknown) are path of project characteristics to be considered in selection of project management toolsets to be adopted in their management approach. Each of the project classification approaches attempt to address interaction between complexity and uncertainty and the impact this interaction has on project planning process. The key principles for addressing complexity in the planning process. The complexity of project has always been there which make the need to execute and bring realisation of project complexity on the increase. Therefor the key principles of project complexity in the project planning process are to understand and manage project complexity keeping in mind the dynamic and uncertain project environment. This will assist to reduce the level of complexity in a project by reducing the number of swaying risk factors to make it more manageable and keep it simple or uncomplicated. It is worth to note that with the reduction in complexity...

Words: 448 - Pages: 2

Premium Essay

A Business Plan

... 8301 Ocean Parkway Brooklyn, NY 11235 Table Of Contents Component & Explanation · Executive Summary · Company Description · Mission Statement Management Functions · Planning · Organaizing · Directing · Controlling Assesment of the Environment · Current Economic Conditions · Industry Analysis · Target Market · Competitive Analysis The Marketing Mix · "The five P's" Product, Price, Placement, Promotion, Positioning SWOT Analysis & Business Risks · SWOT analysis · Business Risks · Stategies Executive Summary Supporter, Inc. is a sports bra company supporting the breasts of active females ages 16- 30. Our plan is for our company to produce bras that can withstand breasts of all sizes at an affordable price. Company Description Location – Brooklyn, Manhattan History – Many different women from all around the world have used our sports bras in everyday life and even olympic events Origination Date – 2013 Mission Statemmt Supporter, Inc. plans on making award-winning bras at affordable prices. We want to make the needs of our customers our priority by bringing comfort/support to their lives. Marketing Mix "The five P's" Product: Supporter, Inc. sells sports bras for active women ranging from 16 years old to 30 years old. Pricing: A comfortable...

Words: 323 - Pages: 2

Premium Essay

Rights to Contemptment

...Risk Management Principles CMGT/430 INTRODUCTION Riordan Manufacturing is a company that is commited to handling their business in an ethical and logical manner. In order to provide the proper risk management plan for the company there needs to be a conference with all of management and stakeholders to get an oversight on the company and what it needs for mitigation control and risk management. The company needs to reconsider getting input from internal auditors, external auditors and outsources. Management will also need to get all of the department heads and key people together to discuss all of the initial assessments of the risk management capabilities and how effective it can be on the network/system. This assessment will be able to decide rather to have or continue with a more in tune risk management plan. There is also the need to discuss how to make the plan stronger for the company and how the analysts should focus on the risk management mitigation for Riordan manufacturing. Risk Management Principles Riordan Manufacturing is a corporation that is consistent of many different businesses. This new plan that needs to be implemented will help each business to deal with and handle their everyday risks and teach them how to make the proper decisions on what can or could be done. In order for this new plan to be implemented, eack business will have to be able to weigh out the risks with the strategies and be able to know and choose the proper decision when responding...

Words: 1084 - Pages: 5

Premium Essay

The Summer Day By Mary Oliver

...After finishing the high school there are so many things I want to do in my life. Growing up my goals changed so many times, and I finally I found what I want to do in my life. I was a child when I was going and helping my family in their restaurants. We started from basic work and I was doing schedules for employees, than there were giving more and more difficult things to do for my age. After reading the poem “ The Summer Day” by Mary Oliver, I asked myself “ what will you do with your one wild and precious life”? It is very interesting question , all the time as you grow your wants and needs always change. The two most important thing what always stays with me is to be happy and successful....

Words: 399 - Pages: 2

Free Essay

Case Scenario

...strengths and weaknesses of scenario planning? Strenghts Allows one to project the future back into the present to help articulate the strategies necessary to achieve the point in future the scenario is conducive to success or help implement strategies to avoid the scenario in cases where it is not going to be successful - Allow a shared view of the future to be developed - Provide the oportunity for an organization to consider how they want to be positioned in that future - Promotes flexibility and responsiveness - Permit to see the mayor drivers of change: globalisation, economics, technology, - It can be used to do Risk assesment, identify early warning indicators and decide how will we respond. Weakness Simplification of the future: Difficult to predict the future as the number of variables used maybe less |than required for a better plan. Scenario planning is expensive because it requires a huge commitment of time: time consumer and there are necesary consultants Dificult to convince people about how useful could be to do the exercise, because it doesn't affect their daily job It could be too focused in the internal problems, how the participants think. A financial guy will be centered in things that affectsthe funtional area, problems that he understand and control It can be ambiguous, because it requires to think...

Words: 692 - Pages: 3

Free Essay

Database Management Improvement Strategies

...Tasks improve the quality of datasets According to (Shankaranarayan & Even, 2009) specific tasks that could be performed to improve the quality of datasets using SDLC are: Auditing. Quality defects occur during data processing (e.g., due to miscalculation, or mismatches during integration across multiple sources), or after data is stored (e.g., due to changes in the real-world entity that the data describes). Addressing these defects requires auditing records, monitoring processes, and detecting the existence of defects. Correction. It is often questionable whether the detected defects are worth correcting. Correction might be time consuming and costly (e.g., when a customer has to be contacted, or when missing content has to be purchased). One might hence choose to avoid correction if the added value cannot justify the cost. Prevention. Certain methods can prevent data defects or reduce their occurrences during data acquisition, for example, improving data acquisition user interfaces, disallowing missing values, validating values against a value domain, enforcing integrity constraints, or choosing a different (possibly, more expensive) data source with inherently cleaner data Data Refinement: Datasets are refined at regular intervals and database is checked for the orphan accounts if any in the system. Orphan accounts may result into dangerous issues so it should be handled carefully. Data Governance implementation: Data Governance Maturity model can be implemented....

Words: 743 - Pages: 3

Free Essay

Loreal Csr Report Analisys

...Professional Higher Education Bachelor's Programme “European Business Studies” Analysis of LOreal CSR report 2011 Prepared by: Krists Dilba Maksims Simhovičs Table of contents 1. Main facts from the report 3 2. Motivation for choosing LOreal 5 3. Industry Analysis 5 4. Evaluation of the report 7 5. Assesment of the Report (quality principles) 19 6. Assesment of the Report (principles of content) 20 7. Conсlusions 22 1. Main facts from the report 1. L’Oreal has been a member of the UN Global Compact since 2003 2. L’Oreal also works closely with the following major associations and institutes: Anti-Corruption Commission of the International Chamber of Commerce, Global Council on Business Conduct, The Conference Board, Ethics and Compliance Officers Association, The Ethics Resource Center, International Business Ethics Institute, Institute of Business Ethics, Cercle d'Éthique des Affaires. 3. The L’Oreal is the largest cosmetics group in the world with 20.3 billions Euros of sales (2011), operating in 130 and having almost 70000 employees 4. L’Oreal invest 40 million Euros annually in programs that bring tangible benefits to communities all over the world. 5. The company engages in human rights protection, is against child labor, and also executes their buy & care programs to ensure sustainable growth and compliance with CSR strategy throughout their supply chain. 6. L’Oreal has also developed very stringent...

Words: 3971 - Pages: 16

Free Essay

Project Management

...PERENCANAAN MANAJEMAN RESIKO TOPIK-TOPIK LANJUTAN SISTEM INFORMASI Bayu Pratama Wibowo 1501185710 06PEM 2014 Abstract Perencanaan Manajemen Resiko adalah suatu upaya yang dilakukan untuk merencanakan penanganan terhadap sesuatu yang dapat disebut sebagai resiko. Penanganan yang dimaksud dapat diartikan sebagai antisipasi atau meminimalisir dampak dari terjadinya resiko tersebut. Dalam pembahasan ini dipaparkan sejumlah proses yang dilakukan untuk memanage resiko pada proyek Teknologi Informasi. Terkandung juga didalamnya pendekatan-pendekatan yang bersifat strategis. Kata Kunci : Resiko, Perencanaan Management Resiko, Proses Memanage Resiko Pendahuluan Resiko merupakan hal yang tidak dapat dipisahkan dari kehidupan manusia, dalam kehidupan sehari-hari dikala beraktifitas juga tidak lepas dari resiko. Sesuatu hal yang tidak pasti akan menimbulkan resiko, reiko dapat bearkibat positif maupun negatif. Resiko yang berakibat negatif ini dapat menciptakan kerugian, sebaliknya resiko yang berakibat positif dapat suatu peluang. Secara umum resiko dapat diartikan sebagai suatu keadaan yang harus dihadapi seseorang atau sebuah organisasi perusahaan dimana terdapat kemungkinan merugikan. Karena ketidakpastian yang disebabkan oleh kurangnya informasi terkait isu-isu yang berkembang akan berhubungan dengan terjadinya resiko. Menurut (Wiley & Sons, 2012) Resiko adalah kejadian yang dapat terjadi dari suatu kondisi atau proses terstentu, yang apabila terjadi...

Words: 1105 - Pages: 5

Free Essay

The Financial Performance of Hospitals

...Risk Management Assesment Risk Management Assessment Baptist Hospital of Miami is currently analyzing the possibility of developing risk management strategies that will ensure to meet all needs or the organization related to quality management. Every plan needs to be approved by every member of the board of directors. The purpose of the Clinical Risk Management Plan is to support the vision and mission of Baptist Hospital of Miami as it pertains to risks associated with the safety of employees, patients, visitors, volunteer, staff, third parties; also operational risks and property risks. The risk management plan will basically guide the process of development and implementation of a risk management program. The risk management promotes the philosophy of Baptist Hospital of Miami that the risk management and patient safety is responsibility of members of the organization and team cooperation is essential for an effective and efficient functioning. Baptist Hospital of Miami believes that organizational errors should be addressed through the implementation of evidence-based practices, constructive feedback, and learning from error analysis. Clinical errors should be addressed by using the following: • Proper report and analysis of errors related to medical or patient care. • Proactive identification of hazards and unsafe conditions. • Open discussions of mistakes. • Open acceptance of system improvements. The...

Words: 2073 - Pages: 9

Free Essay

Constructive Intercultural Conflict

...that CSOs number in Indonesia reached to 139.957 CSOs, which are: Number of CSO 65.577 25.406 Registered at: Ministry of Home Affairs Ministry of Social Services 48.866 108 (Foreign NGO) Ministry of Justice & Human Right Ministry of Foreign Affairs Backgrounds Civil Society Organizations represent majority of society voices.  Civil Society Organizations as a social control power in policy, in regulation, in the life of democracy.  Parallel activities among Civil Society Organizations and Media can provide the transform of the social politic condition (to reach the civil society independency and the elites as well).  CSO Problem Definitions The problems that interface Indonesia CSOs related with low capacity, low payment and high risks of CSO human resources; the result of IGI (Indonesia Governance Index) Survey in 2012 for Auditing of Good Governance Index in Indonesia shown that: Problem Definitions   The comprehensive social sufficient mobilisation that facilitate the...

Words: 1368 - Pages: 6