Assignment 1

Week 1 Essay Questions

Student’s Name:

Institutional Affiliation:

Week 1 Essay Questions

Question 1

There are six steps in quality risk assessment. First is the threat identification and valuation. The asset valuation is the financial value based on the cost plus the other expenditures that are not linked to currency (Rescher, 2014). Threats are the possible actions which might cause undesirable effects on the results. The second step is to list of threats is listed, and the EF exposure factor is calculated plus the SLE (single loss expectancy). The SLE formula is provided below:

SLE = AV * EF

Third step is to conduct the analysis of threat chances that every risk happening annually as the ARO (an annualized rate of the occurrence)

The fourth step is building of the general loss of potential for each threat through computing the ALE (annualized loss expectancy). The formula of ALE is:

ALE = SLE * ARO

The fifth step involves the research count reactants for every threat that have been analyzed.

The last step is the tool of project management referred to as the analysis of the cost-benefit.

Qualitative risk assessment is a exact method because it is based on probable proportions. It is done through the addition of the monetary value to every threat and assets.

Question 2

Risk – it is the possibility of threat happening and probably exploiting the vulnerabilities for disrupting the assets.

Threats – are the probability of an action that would create unwanted outcomes.

Vulnerability – The limitation, error, oversight, flaw or weakness of the infrastructure or asset.

Risk Exposure – is the quantified loss of the business potential

Control – is the administration of the full collection of tasks that permit right of entry to the official users and prevents unauthorized right of entry to the resources to the individuals not allowed.

Preventative Control – Is to regulate the access to the authorized users and also block the unauthorized users from accessing the resources and facilities within the business.

Deterrent Control – is the passive method for control that relies only on the technique and not the direct action from persons.

Detective Control – they are meant to identify the unauthorized activity; however after it has happened already.

Question 3

Risk Mitigation: reduction of risk involves placing safety safeguards to eliminate vulnerabilities (Raftery, 2013).  Selection of the effective method for mitigating the risk is recommended. Elimination of the hazards avoids disrupting vulnerabilities.

Risk acceptance: it is the valuation of the cost-benefit analysis by the management of the probable safeguards and the establishment that the countermeasure expense outweighs the likely costs of the loss because of risk.

Risk Assignment – Assignment of risks is the placement of the costs linked with the risks representing the other organization or entity. In other occasions, risks are conferred to the companies of insurance for transferring risks.

Risk rejection- the final resort is to ignore the risk. It is the assumption that the business will not be faced with uncertainty. Risk rejection could lead to disaster, and it is not always selected as the best option.

References

Raftery, J. (2013). Risk analysis in project management. Routledge.

Rescher, N. (2014). Risk: A philosophical introduction to the theory of risk evaluation and management.