Verified Document

Risk And Vulnerability Analysis Research Paper

Threat Identification The threats

How the threats are detected

Ever since the September 11, 2001 terrorist attacks, businesses have had to critically rethink on the level of adequacy of their disaster recovery arrangements in relation to their business continuity plans as noted by Lam (2002,p.19). The September 11, 2001 tragedy effectively highlighted the importance for organizations to continue with their commercial operations even under the most exceptional of circumstance. My business which has a considerable e-commerce operation is particularly vulnerable to the IT related threats. It is therefore crucial that these threats be identified and eliminated or mitigated before they result to loss of revenue.

In my business, I face several threats. However, the ones that I consider most dominant are technology threats and information threats. These threats can cause a major disruption to the to business continuity planning (BCP) cycle. Technology threats include natural disasters like fire and flooding, system failure, network failure, virus attack as well as network and system flooding (Distributed denial of service attack-DDoS attack ). Information threats on the other hand include...

These are factors which can lead to information loss, unauthorized access as well as alteration of information.
In our organization, a worse case scenario analysis indicates that system failure and information hacking are the most common threats that can effectively cripple the operation of the organization.

The threats

Business threat 1: System failure

This is a threat to business continuity that affects technology as a resource.

Failure scenario1: Failure affecting some servers with a repair time of between 1 to 2 days.

The business continuity strategy to avert such a system failure

In order to ensure that operations continue in our organization, there is a need for a third party maintenance and support agreement to be signed with a reliable company. There is also a need to have an emergency third-party support agreement that involves an on-site response within the shortest time possible. There is also a need for our business to have redundant servers on standby.

Failure Scenario 2: Failure affecting all serves with a repair time of…

Sources used in this document:
References

Lam, W (2002).Ensuring Business Continuity. IT Pro. Available online at http://paul-hadrien.info/backup/LSE/IS%20490/Ensuring%20Business%20continuity.pdf Accessed on 3/5/2012

Snedaker, S (2007). The Best Damn IT Security Management Book Period. Syngress
Cite this Document:
Copy Bibliography Citation

Related Documents

Risk and Vulnerability Analysis
Words: 1408 Length: 4 Document Type: Research Paper

Risk Management Risk and vulnerability analysis Risk can be defined as a prediction of future events and their outcomes and consequences. Initially, as these predictions are being made, there is no guarantee that these event will actually occur. At this point, it becomes vital to apply probabilities in order to determine the likelihood of the event occurring. Risk analysis, therefore, is a process of describing risks involved in any situation or organization.

Risk Assessment Analysis of Phishing
Words: 741 Length: 2 Document Type: Research Paper

This means that you must train employees how to identify various forms of phishing. At the same time, you must implement some kind of security procedures that will place a restriction, on how personal information is distributed. For example, employees could be trained in spotting various kinds of fictitious emails. However, when they run across an email like that is requesting information, there would be a procedure where the

Social Vulnerability Analysis
Words: 580 Length: 2 Document Type: Research Paper

Social Vulnerability Analysis Compare and contrast your findings based on your research and provide a summary. Describe the correlation between environmental and socioeconomic risk and vulnerability for the counties you selected. This is Part III of the Social Risks and Vulnerabilities Project. St. Lawrence County, New York State and Missoula County, Montana were chosen from the Hazard Vulnerability and Risk Institute web site because they have similar population size but are from

Risk of Climate Change Implications for Architects and Engineers
Words: 6494 Length: 25 Document Type: Research Paper

Risks of Climate Change THE RISK OF CLIMATE CHANGE: IMPLICATIONS FOR ARCHITECTS AND ENGINEERS Climate Change Impacts on Engineering Infrastructure Key Impacts on Water and Resources Risk Management Analysis Coping Methods Possibility And Probability Theories Recommendations And Guidelines For The Vulnerability Of Climate Change Impacts Using Risk Management Methods And Analysis THE RISK OF CLIMATE CHANGE: IMPLICATIONS FOR ARCHITECTS AND ENGINEERS This work examines climate change in relation to impacts upon infrastructure, utilities, and water in relation to the

Risk Assessment Report
Words: 4539 Length: 17 Document Type: Term Paper

Risk Assessment at the Wal-Mart Stores Inc. Industry and company information Risk assessment System characterization Threat identification Vulnerability identification Control analysis Likelihood determination Impact analysis Risk determination Control recommendations Concluding remarks Bibliography (Annotated) The current economic climate is more challenging than ever and economic agents face incremental difficulties in registering profits through the serving of a population with a decreasing purchasing power. Nevertheless, in a context in which most economic agents register decreasing revenues, America's number one retailer -- Wal-Mart -- registers growing

Risk Identification in Information Security
Words: 5004 Length: 15 Document Type: Thesis

Phishing Spear Phishing and Pharming The following is intended to provide a very brief overview of examples of some the most dangerous and pervasive security risks in the online and networked world. One of the most insidious of identity theft is known as phishing. The term 'phishing' refers to the practice of "fishing for information." This term was originally used to describe "phishing" for credit card numbers and other sensitive information

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now