Home
Subjects
Solutions
Create
Log in
Sign up
Upgrade to remove ads
Only ₩37,125/year
- Social Science
- Sociology
- Management
Review terms and definitions
Focus your studying with a path
Take a practice test
Get faster at matching termsHow do you want to study today?
Flashcards
Learn
Test
Match
Terms in this set (11)
What is the risk management?
Risk management is the identification, assessment, and management of risks to an organization's operations and determining how those risks can be controlled or mitigated and decide who is responsible for implementing.
List and describe the key areas of concern for risk management.
• Risk identification: is the early and continuous identification of incidents before they occur, or have negative impacts on an organizations ability to operate.
• Risk assessment: document and evaluate cost and prioritize low to high risk and implement in order of importance.
• Risk control: s the method by which firms evaluate potential losses and take action to reduce or eliminate such threats.
Why is identification of risks, through a listing of assets and their vulnerabilities, so important to the risk management process?
It is important so management can know the value of the company asset and what losses will be incurred if it is compromised.
According to Sun Tzu, what two things must be achieved to successfully secure information assets?
To reduce risk in an organization, the organization must know itself and know its enemy.
Who is responsible for risk management in an organization?
Risk management is the responsibility of senior managers within each department.
Which community of interest usually provides the resources used when undertaking information asset risk management?
The community that usually takes the lead in information asset risk management is management. Management must begin the identification process for threats\risks to the company
In risk management strategies, why must periodic review be a part of the process?
In risk management strategies, periodic review must be a part of the process because threats are constantly changing for a company.
Why do networking components need more examination from an information security perspective than from a systems development perspective?
Networking components need more examination from an information security perspective than from a systems development perspective because networks are often the main point of attack and should be treated as a critical risk whilst the systems development needs to be considered separately.
How many threat categories are listed in this chapter? Which do you think is the most common, and why?
There are twelve threat categories listed in this chapter. The most common is human error because this is the hardest to control.
What are vulnerabilities?
Vulnerabilities are opportunities for a threat to become a real issue or problem and can be caused by software, hardware or human behavior.
11. Describe the TVA worksheet. What is it used for?
The TVA work sheet (threats vulnerabilities assets) is used as a risk assessment tool that lists assets and their vulnerabilities into low and high priority within a company. This is then used to decide
Sets with similar termsCH4: Risk Management
26 terms
yytdorothy
Ch 8: Risk Management: Identifying and Assessing R…
9 terms
anb201
ARM 54 Chapter 2
35 terms
kboyce7
Internal Audit Ch. 4 (Risk Management)
10 terms
awesomeamyjo
Sets found in the same folderExternal business factors
40 terms
issie_
How to Register your Business
24 terms
prezil_ong
Chapter 2- Risk Management and the Organization
25 terms
Alex_Factor
Risk Management
36 terms
PMPMartin
Other sets by this creatorContingency Planning
17 terms
Leanne547
Security Policy
17 terms
Leanne547
Risk Control
16 terms
Leanne547
Other Quizlet setsEC 202 Exam 1 Review
37 terms
charrliegrybas1
Fourth Amendment Quiz 5/3/18
20 terms
Kaylie_Moskovit
Dentistry Exam 2
35 terms
djjazzyjessica
Related questionsQUESTION
having a control system reduces the scope of employee empowerment and autonomy. true or false
3 answers
QUESTION
T or F: In the context of budgetary control, an expense budget includes anticipated and actual expenses for each responsibility center and for the total organization.
2 answers
QUESTION
A manager's job is all about personal achievement?
15 answers
QUESTION
This organization was started in response to a perceived need for more comprehensive information about the extent in nature of crime in the United States
2 answers