- Define the acronyms SLE, ARO and ALE. Based on the readings identify and include a formula (after the definitions) which uses the acronyms to calculate a quantitative risk.
- Once a risk assessment has been completed, concisely list in bullet point format the five actions you can use to reduce the risk. Briefly describe how staying on task, meeting deadlines, and utilizing feedback can each have a positive impact on reducing risk and promoting positive results in a group setting.
- Risks associated with state-of-the-art technologies should be carefully assessed. In a short essay examine the risks associated with cloud computing and virtualization and provide two recommendations to your management.
- Review the Website Security Policy in the scenario. In a short table match the five key areas of a good policy with the example below. Where does it match? Where can it be improved?
Website Security Policy Scenario
The following policy is included with the use of this website. This site collects personal information from you when you register, including a record of your email address. We also may collect IP addresses and domain names of users of this site to measure the number of visits and time spent on the site. We may occasionally ask you to complete surveys for research purposes.
“Cookies” may be used in connection with this website. A cookie is a small amount data sent to your browser stored on your computer’s hard drive. Using cookies enables us to collect data without your express knowledge or approval. Most browsers are initially set to accept cookies but you can change the setting to refuse to allow cookies.
We may provide the information we collect through this site to business partners. We may also use the information to inform you of new products, services, or promotions. We will not share personal information you submit to third parties unless ordered to do so by a legal authority.
Any questions regarding this policy should be directed to the management.
- Based on the threats to information systems in four dimensions by Loch, Carr, and Warkentin referenced in your reading, briefly identify the threats to security posed by Bradley Manning. Include the consequences of his action.
- List the key roles of the personnel who should support and participate in the Risk Management process. As a CIO, discuss how you will promote reliability, accountability, and timeliness in a group work setting and why these should be included in a risk response plan.