SEC280 Mitigating Risk Course Discussions

$4.50

SEC280 Mitigating Risk Course Discussions
Your CEO says to you, “You mentioned that risks always exist. If I take enough measures, can’t I eliminate…

SKU: SEC 280 Mitigating Risk Categories: , Tags: , , ,

Description

SEC280 Mitigating Risk Course Discussions

SEC280 Mitigating Risk Course Discussions

Week 7 All Students Posts 12 Pages 

Your CEO says to you, “You mentioned that risks always exist. If I take enough measures, can’t I eliminate risks?” Explain why risks always exist. What are some of the ways you can quantify risk in order to determine how and where to take measures e.g. spend money?
In addition to mitigating risk or transferring risk, it may be acceptable for a manager to accept risk in that despite the potential cost of a given risk and its associated probability, the manager of the organization will accept responsibility for the risk if it does happen.

The manager accepts the risk that the programmer could possibly make unauthorized changes because of the high-availability requirement of that system.

There should always be some additional controls such as a management review or a standardized approval process to ensure the assumed risk is adequately managed.

One final thought to keep in mind is that the risk itself doesn’t really change, no matter what actions are taken to mitigate that risk.

Actions can be taken to reduce the impact of that risk if it occurs…