Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

What fills security gaps and software weaknesses

08/12/2021 Client: muhammad11 Deadline: 2 Day

Project Part 1-Task 2 – Risk Assessment

Course: Information Security and Risk Management (ISOL533-03)

Name: Sai Vishal Goud Muddam

Student ID: 002852328

Instructor: Dr. Amelia Phillips

EXECUTIVE SUMMARY

One of the most important first steps to risk management plan is to identify known risks, threats, and vulnerabilities and organize them. The purpose of the seven domains of a typical IT infrastructure is to help organize the roles, responsibilities, and accountability for risk management.

The Risk Management plan covers the Risks, Threats, and weakness of the Health Network, Inc. (Health Network)

Risk Management plan: Risk Management is the process of reducing the risk of harm to the patients, staff, and associations. It includes exercises that encompass preventive action or mitigation of events to reduce poor results, or financial and proficient loses.

Risk Assessment: All risks recognized will be assessed to perceive the extent of possible undertaking results. Capacity will be used to make sense of which risks are the top priority to look for after and respond to and which threats can be ignored. The likelihood and impact of occasion for each recognized risk will be assessed by the undertaking chief, with commitment from the project team using the going with system. The purpose of risk assessment incorporates the avoidance related risks, and this should constantly be the goal, it won't commonly be attainable by and by. Where transfer of risks is past the domain of creative ability, the risks should be reduced, and the remaining risks should be controlled. At a later stage, as a noteworthy part of a study program, such leftover risk will be reassessed and the probability of transfer of the risk.

Follow these risk management steps to improve your risk management process:

Plan: understanding the authoritative objectives, external and internal condition.

Identify the risk: When you and your team have accumulated possible issues, make a project risk log or undertaking risk enroll for clear, after and checking of dangers all through a project. A project risk log, moreover, insinuated as an undertaking risk enlisted, is a fundamental piece of any compelling danger the board procedure. As a persistent database of each undertaking potential risk's, it empowers you administer current dangers just as fills in as a sort of viewpoint point on past errands as well. By laying out your risk register with the best possible information focuses, you and your group can rapidly and accurately identify and assess possible threats to any project.

Analyze the risk: During this progression, your team will evaluate the probability and fallout of each hazard to pick where to focus first. Elements, for instance, potential money related misfortune to the affiliation, time lost, and seriousness of impact all have an impact in looking at each hazard. In putting each hazard under the amplifying instrument, you'll also uncover any fundamental issues over an endeavor and further refine the risk management process for future activities.

Respond: At the point when every single reasonable course of action is recorded, pick the one that is well while in transit to achieve needed outcomes. Find the required resources, for instance, work power and financing, and get the essential buy in. Senior organization will likely need to confirm the game plan, and associates ought to be instructed and arranged if indispensable. continuously Set up a formal system to execute the game plan truly and dependably over the affiliation and stimulate specialists.

Monitor: Here we must play out the correspondence among the team and accomplices is essential with respect to persistent observing of potential risks. Furthermore, remembering that it may feel like you're gathering felines every so often, with your risk management process and its relating project risk register set up, checking those moving targets advances toward getting to be something besides unsafe business.

RISKS - THREATS – WEAKNESSES WITHIN EACH DOMAIN

User Domain: Any client who can access to our organization data systems comes into this domain.

Risks: At the point when User gets angry can devastate and erase every one of the information in application. Most likelihood of visiting the hazardous sites and download and introduce the malicious software. unknowingly without their insight bring virus from USB drives which infects different PCs and whole organization.

WorkStation domain: Workstation is only a client's PC like desktop, laptop which worked under the network.

Risks: Workstation is vulnerable and open to malicious software. If the system is infected malware may infect single system or entire organization through network and failure of hard drive may cause losing the data. We should refresh patches to the operating system, software and antivirus up to date.

LAN Domain: Lan refers to local area network is a group of computers, routers, switches connected to a trusted network zone within the firewall.

Risks: Any virus enters through Lan infect all the systems. Date which is transferred outside of network is not secure. Attackers uses sniffers to capture and read all the data within the packets.

LAN to WAN Domain: Domain which connects the local area network to wide area network by providing the firewalls and boundary protection between trusted and untrusted zones.

Risks: An unnecessary open of firewall ports gives a way for hackers to access the internet from outside using a public IP address. Heavy flow of incoming and outgoing packets of traffic may reduce the performance issues.

WAN Domain: Defines wide area network which uses semiprivate lines from telecommunication companies.

Risks: Servers may receive the cyber-attacks (DOS) by hackers who wants to make system and network unavailable to users. Moreover, chances of security risks are high while uploading the software’s through FTP.

System / Application Domain: Domain refers to a server which hosts a user access application like database, oracle, mail servers WebSphere.

Risks: Because of security gaps and software weakness servers might receive a cyber-attack by attacker who wants to corrupt and destroy the data.

Remote Access Domain: Domain which refers to users who works remotely from their private network over a public network through VPN.

Risks: Remote access is the easy way of accessing the unprotected connections by attackers. Chances are high while authentication (credentials)and data transfer through VPN.

Risk – Threat - Weakness

Domain Impacted

Risk Impact / Factor

Risk: Chances are high while authentication (credentials)and data transfer through VPN. Threat : It is easy way of accessing the unprotected connections by attackers. Weakness : Unauthorized access from public internet

Remote Access Domain

2 Major

Risk : Because of security gaps and software weakness servers might receive a cyber-attack by attacker. Threat : Users who have full access to data lead to data manipulation. Weakness : Doctor destroys data in application, deletes all files, and gains access to internal network

System/Application

1 Critical

Risk : An unnecessary open of firewall ports gives a way for hackers to access the internet from outside using a public IP address. Threat : Hacker penetrates IT infrastructure through modem bank and gain access to internal network. Weakness : Hacker penetrates IT infrastructure through modem bank

LAN – to - WAN

1 Critical

Risk : Most likelihood of visiting the hazardous sites and download and introduce the malicious software. Threat : Unknowingly without their insight bring virus from USB drives which infects different PCs and whole organization. Weakness : A technician inserts CDs and USB hard drives with personal photos, music, and videos on organization-owned computers

User

3 Minor

Risk : Any virus enters through Lan infect all the systems. Date which is transferred outside of network is not secure. Threat : Attackers uses sniffers to capture and read all the data within the packets Weakness : LAN server OS has a known software vulnerability

LAN

3 Minor

Risk : If the system is infected malware may infect single system or entire organization through network and failure of hard drive may cause losing the data Threat: Workstation is vulnerable and open to malicious software Weakness : Unauthorized access to organization-owned workstations

Workstation

1 Critical

Risk : Servers may receive the cyber-attacks (DOS) by hackers who wants to make system and network unavailable to users Threat : Security risks are high while uploading the software’s through FTP. Weakness : Service provider has a major network outage

WAN

1 Critical

Risk : Chances are high while authentication (credentials)and data transfer through VPN Threat : It is easy way of accessing the unprotected connections by attackers. Weakness : Remote communications from office

Remote Access Domain

2 Major

Risk : Servers may receive the cyber-attacks (DOS) by hackers who wants to make system and network unavailable to users Threat : Security risks are high while uploading the software’s through FTP. Weakness : Communication circuit outages

WAN

2 Major

Risk : Because of security gaps and software weakness servers might receive a cyber-attack by attacker Threat : Users who have full access to data lead to data manipulation Weakness : Denial of service attack on organization’s e-mail server

System/Application

1 Critical

Risk : Most likelihood of visiting the hazardous sites and download and introduce the malicious software. Threat : Unknowingly without their insight bring virus from USB drives which infects different PCs and whole organization Weakness : Intraoffice employee romance gone bad

User

3 Minor

Risk : If the system is infected malware may infect single system or entire organization through network and failure of hard drive may cause losing the data Threat : Workstation is vulnerable and open to malicious software Weakness : Workstation operating system (OS) has a known software vulnerability

Workstation

3 Minor

Risk : Any virus enters through Lan infect all the systems. Date which is transferred outside of network is not secure Threat : Attackers uses sniffers to capture and read all the data within the packets Weakness : Need to prevent rogue users from unauthorized WLAN access

LAN

3 Minor

Risk : An unnecessary open of firewall ports gives a way for hackers to access the internet from outside using a public IP address Threat : Hacker penetrates IT infrastructure through modem bank and gain access to internal network Weakness : Weak ingress/egress traffic-filtering degrades performance

LAN – to - WAN

1 Critical

Risk : Because of security gaps and software weakness servers might receive a cyber-attack by attacker Threat : Users who have full access to data lead to data manipulation Weakness : Loss of production data server

System/Application

1 Critical

Compliance Laws and Regulations

Health Network, Inc must comply with explicit laws and regulations to guarantee information security. Basically, the organization must exhibit the centrality of shielding information regarding all the customer. Moreover, with most organizations, the laws of government information security the official's security data regarding all the clients. Similarly, with most organizations, the laws of government information security the board showing are fundamental and Health Network, Inc. Must submit to them. FISMA helps relationship in ensuring that their information is secure. Medical coverage likelihood and duty act is the laws that Health Network must kept up due to the information set away in HNetExchange, HNetPay, and HNetConnect. HIPPA laws are basic in verifying wellbeing information. Moreover, Health Network must ahere to Work Health and security Act, Privacy Obligations and Government Information Act. Also, Payment card industry information security standard, Public interest disclosure, and state records act are vital.

References:

The seven domains of a typical IT Infrastructure. (n.d.). Retrieved from https://sis.binus.ac.id/2018/01/15/the-seven-domain-of-a-typical-it-infrastructure/

(n.d.). Retrieved from https://stevevincent.info/ITS305_2016_2.htm

What is Risk Management? What are the 5 Risk Management Steps in a Sound Risk Management Process? (2018, December 24). Retrieved from https://www.managementstudyhq.com/risk-management-steps-in-risk-management-process.html

Dcosta, A. (2018, November 18). An Example of a Risk Management Plan for Use on Any Project. Retrieved from https://www.brighthubpm.com/risk-management/5141-risk-management-plan-examples/

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Calculation Master
Engineering Help
Helping Engineer
Coursework Help Online
Top Academic Tutor
Write My Coursework
Writer Writer Name Offer Chat
Calculation Master

ONLINE

Calculation Master

I have read your project details and I can provide you QUALITY WORK within your given timeline and budget.

$49 Chat With Writer
Engineering Help

ONLINE

Engineering Help

I am an academic and research writer with having an MBA degree in business and finance. I have written many business reports on several topics and am well aware of all academic referencing styles.

$47 Chat With Writer
Helping Engineer

ONLINE

Helping Engineer

I will be delighted to work on your project. As an experienced writer, I can provide you top quality, well researched, concise and error-free work within your provided deadline at very reasonable prices.

$45 Chat With Writer
Coursework Help Online

ONLINE

Coursework Help Online

I have done dissertations, thesis, reports related to these topics, and I cover all the CHAPTERS accordingly and provide proper updates on the project.

$32 Chat With Writer
Top Academic Tutor

ONLINE

Top Academic Tutor

I have worked on wide variety of research papers including; Analytical research paper, Argumentative research paper, Interpretative research, experimental research etc.

$33 Chat With Writer
Write My Coursework

ONLINE

Write My Coursework

I have read your project details and I can provide you QUALITY WORK within your given timeline and budget.

$16 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

In what pursuit is solmization useful or important - Hcf health management programs - Baking soda and vinegar double replacement reaction - Wholesale cuts of goat - Gcu essay template - Week 3 Discussion Board - Attention getters for speeches about food - Research paper - Global forest resources assessment 2005 - Ib hl english essay example - What is a partial balance sheet - Companies can deal with the nonconvertibility problem of currencies by engaging in - Avondale lake macquarie campus - Gladd org - Cushy armchair case analysis - Smdc bin collection dates - Module 11 Final Exam - Origins reflection powerpoint - Erik erikson theory of personality development ppt - What is percent yield used for - Joel watson strategy instructor's manual - MLVA - How to get gre score above 300 - Impulse energy drink nutrition facts - United products inc case study - Drbcp - Psychology unit 2 aos 2 - Ethical dilemma in childcare - Jordan's furniture red sox promotion 2016 - Gesb retirement income allocated pension - Organizational behavior 4th edition pdf free - Organisational standards for creating business documents - The following measurements were recorded for the drying time - Camp lazlo camptown races - Front end rounding decimals multiplication - Article review 3 and Rough Draft - The genotype yy is an example of - Reg macmillanhighered launchpad student login - My ministry of pleasure - Nautical institute dp verification - With current technology suppose a firm is producing - Aladdin hasp license manager service - Global Citizen Journal - Expected cash collections in december are - Assignment 1 professional email message - Research article - Atcb code of ethics - Gm 5.7 lg sgi 638 - The last lecture essay - Basic aeronautical knowledge for the rpl pdf - Wall street journal redesign - Final DUE BY 12 Noon Sunday 10/11/2020 - Nutrition discussion - What is one common characteristic of legends - How to make histogram in excel mac 2011 - Nurs 6512 head to toe assessment - Essay Due Tonight - Gorka deli in orland park - Energy price fact sheet - Which of the following best describes a metal solid - Hp elite x2 1012 g1 hdmi - Southwood school case study analysis - Why cell phones should not be banned in schools - Dermot kennedy rough trade nyc october 9 - Www tracker software com - Www albion com netiquette netiquiz html - Assignment - Week 2 - Solubility curve graph maker - Briefly summarize the parable of the sower from mark 4 - Airport transfer booking form - Phantom profit - Hp elitedisplay e241i connectors - Describe the situation at lehman brothers from an ethics perspective - Bli bli soccer club - The giving of orders mary parker follett - Century marine pro 400 - Explanation of the three to four of the most important leadership concepts - How to add voiceover to imovie - Dr janet vaughan obstetrician reviews - What is a covalent compound - Tsum tsum auto heart sender group - Classroom Management Discussion - Functional testing electrical installation - Sentence starters for essay - Practice note sc gen 6 - Mountain view community hospital er diagram - The future value of $200 received today and deposited at 8 percent for three years is - Digital volt amp meter wiring diagram - Week Six - Correlations Exercises - Chemical properties of nylon 6 - Cyclohexene and bromine in ch2cl2 - Oreo ultimate dunking set rite aid - Sas 9.4 installation guide linux - 111 tucks road main ridge - John mulaney or cecil palmer quiz - Affirmative vs negative debate - Disaster Recovery - Statement of Purpose MSW - Cbus claim processing time