Risk Analysis

By

[Name of Student]

Course

Professor

[Name of Institution]

October 20, 2020

Q1

Three main steps should be carried out to run a quantitative analysis. The first step is to estimate potential losses, which includes calculating the single loss expectancy (SLE) by multiplying the asset value by the exposure factor (Gregg, 2005). The next step is to find the annual rate of occurrence (ARO), which states how many times a given risk is expected to occur in a year. The third and last step is to calculate the annual loss expectancy (ALE).

Similarly, to carry out a qualitative analysis, five steps are needed. The first step is to identify all the risks. The second step is to estimate the likelihood of their occurring. The next step is to identify the impact of these risks and estimate how much damage they will cause. Then it is essential to build the risk matrix and, finally, to determine the potential risk response.
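The three quantitative steps and the matrix step of the qualitative method, as an added Python example that is not part of the original essay. It uses the standard formulas SLE = asset value × exposure factor and ALE = SLE × ARO; the register entries, the 1 to 5 rating scales and the low/medium/high thresholds are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Risk:
    name: str
    asset_value: float      # monetary value of the asset
    exposure_factor: float  # fraction of the asset value lost per incident (0..1)
    aro: float              # annual rate of occurrence (incidents per year)
    likelihood: int         # qualitative rating, 1 (rare) .. 5 (almost certain)
    impact: int             # qualitative rating, 1 (negligible) .. 5 (severe)

def sle(r: Risk) -> float:
    """Quantitative step 1: single loss expectancy."""
    if not 0.0 <= r.exposure_factor <= 1.0:
        raise ValueError(f"{r.name}: exposure factor must be between 0 and 1")
    return r.asset_value * r.exposure_factor

def ale(r: Risk) -> float:
    """Quantitative steps 2 and 3: scale the SLE by the ARO."""
    if r.aro < 0:
        raise ValueError(f"{r.name}: ARO cannot be negative")
    return sle(r) * r.aro

def matrix_rating(r: Risk) -> str:
    """Qualitative steps 2-4: place likelihood x impact on a 5x5 matrix."""
    if not (1 <= r.likelihood <= 5 and 1 <= r.impact <= 5):
        raise ValueError(f"{r.name}: ratings must be in the range 1..5")
    score = r.likelihood * r.impact
    # Thresholds are an assumption; organisations set their own bands.
    return "high" if score >= 15 else "medium" if score >= 6 else "low"

def analyse(register):
    """Return (name, SLE, ALE, rating) rows, largest annual loss first."""
    rows = [(r.name, sle(r), ale(r), matrix_rating(r)) for r in register]
    return sorted(rows, key=lambda row: row[2], reverse=True)

# Constructed sample register (all figures are illustrative).
REGISTER = [
    Risk("laptop theft", 2_000, 1.0, 5.0, 5, 1),
    Risk("data centre fire", 1_000_000, 0.5, 0.01, 1, 5),
    Risk("web server outage", 50_000, 0.25, 2.0, 4, 3),
]

if __name__ == "__main__":
    for name, s, a, rating in analyse(REGISTER):
        print(f"{name:18} SLE={s:>10,.0f} ALE={a:>10,.0f} matrix={rating}")
```

The fire entry has the largest SLE but the smallest ALE, which shows why the ARO step matters when ranking risks by expected annual loss.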

 

Q2

A vulnerability is a weakness in the system that an attacker can use to infiltrate the system. Exposure is considered the weak point in the method used to enter the system. A threat, however, is any risk that can destroy or ruin the system's integrity.

A threat agent is an individual or an organization that poses a clear risk to a system. The term also covers other factors, such as natural disasters or accidents, that can destroy the integrity of the system. Essentially, anything that has the motive or goal of damaging the system constitutes a threat agent (Janev & Bogdanoski, 2015).

Risk can be explained as an uncertain event that sometimes can and sometimes cannot be anticipated. Risks can be positive as well as negative. Any event whose timing or manner of occurrence cannot be anticipated constitutes a risk. Exposure is a condition in which a system is vulnerable to attacks. Controls are the measures taken to ensure safety. Management, operational, and security are the three types of controls.

 

Q3

The four ways to handle risks are risk avoidance, risk prevention, risk retention, and risk transfer. Risk avoidance is the technique in which all the possible risks a company faces are calculated, and then suitable measures are taken to avoid those risks. In this technique, the goal is to avoid risks so that they are never faced.

Another risk-handling technique is known as risk prevention. It applies when risks cannot be avoided and therefore need to be prevented. The organization should know what risks will occur, and there should be strict measures to protect the system from the damage those risks cause.

Another technique is risk retention. This method of risk handling deals with those risks that can never be avoided. If you connect to the internet, there is no guarantee that you will not face risks. So, having a strong firewall is part of risk retention.

The last technique is risk transfer, in which risk is transferred to another medium. It can be done easily in cloud computing.

References

Gregg, M. (2005). CISSP Exam Cram 2. Pearson.

Janev, M. H., & Bogdanoski, M. (2015). Handbook of Research on Civil Society and National Security in the Era of Cyber Warfare. Macedonia: IGI.