Risk Management in Your Organization


Information Technology has found great use in any organization and is an important part of business. In this environment of today’s high use of technology, organizations are becoming increasingly dependent on information systems. The number of threats to information systems is on the rise.
What would you do if? you have been hacked

Risk Management: The process of identifying and controlling risks that organizations face.

Risk Identification: The process of checking and documenting the state of security of an organization’s information technology and the risks it faces.

Controlling Risk: The application process controls to reduce risks to data and information systems.

Know yourself: Identify, verify and understand all information and information systems currently in place

Know the enemy: identify, verify and understand any threats that may face your organization

Identification of risk
Organization’s assets are different objectives threats. Risk management process involves identifying assets   the organization and identify threats / Vulnerabilities. Risk identification process begins by identifying the assets of the organization and assignment of values for each asset.

Identification and Evaluation of Assets

Begins with the identification of assets, including all elements of the system of an organization as: people

The data

Software

Hardware

Networking

Asset classification and prioritization

Many organizations have schemes of classification of data (eg Confidential, internal and public).

Identification of Vulnerability

Specific routes that threat can exploit to attack an asset called vulnerabilities. Consider how each threat can be carried out and lists them assets and vulnerabilities of the organization. At the end of the process of risk identification, asset lists them and their weaknesses.
There are three categories for control: policy, programs and technologies.

After the risks be ranked, one of five strategies for the control of each risk need to solve:

Protection
Transfer
Reduction
Acceptance
Termination

Advertisements

About Buja Atdhe

CEO of the platform
Gallery | This entry was posted in Risk Management and tagged , , , , , , . Bookmark the permalink.

3 Responses to Risk Management in Your Organization

  1. Does your blog have a contact page? I’m having trouble locating it but,
    I’d like to shoot you an email. I’ve got some suggestions
    for your blog you might be interested in hearing. Either way, great website and I look forward to seeing it expand over time.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s