Risk assessment deals with the identification of risks in organizations and provide suitable solutions and framework for risk preventions and risk mitigation. In this case, ABC Company has been facing various risks due to poor management strategies. The use of the risks assessment involve various steps including risk identification, assessing risks, risk controlling and risk mitigation (Hillson & Murray-Webster, 2017). Risk Assessment has helped in providing smart approach in identifying a crucial role of risks in the projects. Risks are identified using risk assessment proves and analyzed properly with the management of proper related schemes. This help in planning various approaches to mitigate these risks in the project.
Figure 1: Pie chart showing impact of risks in ABC Company
(Source: Created by Author)
These steps help in analyzing risks involved in the ABC Company. The company needs to implement online loud storage for storing data and information. Risk identification process helps in finding different types of risks involved in the company. The company has been facing privacy risks in the management (Fiksel, 2015). The passwords of various private portals and data have been shared with the employees that creates privacy issue. The use of the internet has not been restricted for the employee. Therefore, this has been creating cyber threats to the company (Hopkin, 2018). The company has been facing storage issues in their operations. There have been issues in infrastructure of the ABC Company. The company needs to implement new software and operating systems with latest patches and use strong passwords for the systems. The maintenance of hardware and software elements of the company has not been appropriate. Data used to store on disks in the boxes. Data files and information are stored in the disk that might get corrupted. The company needs to implement several private databases where confidential data can be stored and passwords are kept secret. The company needs to implement new software and operating systems with latest patches and use strong passwords for the systems. In case, disks got corrupted, all data and information get lost. Therefore, this have been a high risk for the company. The company needs to implement new versions of hardware and software for increasing efficiency and security of systems. Workstations and passwords have been outdated and passwords are not strong and in the name of the machines. The security instrument of the ABC Company has been poor. The organization has been deficient in the security of different framework utilized. Thusly, there has been hazard evaluation done so as to deal with these risks (Harris, 2017).
The investigation of the risks infers that there have been need of security conventions to be executed in the ABC Company. The organization needs to actualize new programming and working frameworks with most recent fixes and utilize solid passwords for the frameworks. Documents and information and have been in peril because of shaky system approach. The organization needs to enhance the topology of systems and servers association (Sadgrove, 2016). The protection of information and data should be anchored legitimately. Workstations and passwords have been obsolete and passwords are not solid and for the sake of the machines. The hazard evaluation report has helped in surveying these risks with legitimate relief methodologies. The best administration of the organization should be dynamic in actualizing these moderation methodologies in the organization. The organization needs to execute a few private databases where classified information can be put away and passwords are kept mystery. The organization need to actualize Cloud stockpiling for reinforcement and recuperation framework. There have been various cyber-attacks on servers of the company. The risk register have been mentioned below:
|
Operational Risk no. |
Date Identified |
Operational Risk name |
Description of Risk (including any identified ‘triggers’) |
Impact or Consequences (Identify consequences ) |
Assessment of Likelihood |
Assessment of Seriousness |
Grade (combined Likelihood and Seriousness) |
Key Controls |
Assessment of Likelihood |
Assessment of Impact |
Mitigation Actions |
Action Owner |
Cost |
Timeline for mitigation action(s) |
Date Action Completed |
|
1 |
Please fill |
Data Threat |
Data files and information are stored in the disk that might get corrupted |
This might create a huge loss to the ABC Company in the market. |
4 |
4 |
H |
The company needs to implement online loud storage for storing data and information |
xxx |
The company needs to implement online loud storage for storing data and information |
The data administrator of the company is responsible for the change. |
$200 |
6 days |
Please fill |
|
|
2 |
Please fill |
Unauthorized usage |
The employees are able to access various private information of the Company. |
This create privacy issues in the confidential data and information of the Company. |
3 |
2 |
M |
The company needs to change the privacy attribute of data. |
xxx |
The company needs to implement several private databases where confidential data can be stored and passwords are kept secret. |
The data administrator is responsible for the mitigation strategy. |
$50 |
10 days |
Please fill |
|
|
3 |
Please fill |
Technical issues |
The infrastructure of the company has been poor and outdated. |
The functionality of the company has been degrading with the use of old versions of hardware and software. |
2 |
2 |
M |
The company have to change the version of software and hardware used in the system. |
xxx |
The company needs to implement new versions of hardware and software for increasing efficiency and security of systems. |
The R&D is responsible for implementing this mitigation strategy. |
$100 |
20 days |
Please fill |
|
|
4 |
Please fill |
Network issues |
The network security of the company has been poor. |
The network has been unsecure to cyber-attacks. |
5 |
5 |
H |
The company need to change the security policies. |
xxx |
The company needs to implement firewalls and antivirus for securing online data and information. |
The research and development team is responsible fir the implementation of this mitigation strategy. |
$75 |
11 days |
||
|
5 |
Please fill |
Recovery and backup |
There has been no backup and recovery system installed in the company. |
Lack in backup and recovery system might cause data loss to the company. |
4 |
4 |
H |
The company need to install backup and recovery store point in the system. |
xxx |
The company need to implement Cloud storage for backup and recovery system. |
The administration department is responsible for the implementation of this mitigation strategy. |
$50 |
14 days |
Please fill |
|
|
6 |
Please fill |
Topology issues |
The core networks and servers of the company have no network security and also connected with a single LAN cable. |
This might create issues in the network of the company and internet connection might be interrupted due to single LAN cable connection. |
3 |
3 |
M |
The company need to change network security policies and topology of the network. |
xxx |
The company need to install network security protocols and star topology for connecting several computers and servers. |
The management team needs to implement this mitigation strategy in the company. |
$50 |
9 days |
Please fill |
|
|
7 |
Please fill |
Password risks |
Workstations and passwords have been outdated and passwords are not strong and in the name of the machines. |
Lack in efficiency and security breach in the machines as machine names are used as passwords. |
3 |
4 |
H |
The company need to change software and operating system with active patches and change passwords |
xxx |
The company needs to implement new software and operating systems with latest patches and use strong passwords for the systems. |
The management department of the company is responsible for the implementation of these mitigation strategies. |
$100 |
7 days |
Please fill |
The security mechanism of the ABC Company has been poor. The company has been lacking in the security of various system used. Therefore, there has been risk assessment done in order to manage these risks (Harris, 2017). The analysis of the risks implies that there have been need of security protocols to be implemented in the ABC Company. The company needs to implement new software and operating systems with latest patches and use strong passwords for the systems. Files and data and have been in danger due to insecure network policy. The company needs to improve the topology of networks and servers connection (Sadgrove, 2016). The privacy of data and information needs to be secured properly. Workstations and passwords have been outdated and passwords are not strong and in the name of the machines. The risk assessment report has helped in assessing these risks with proper mitigation strategies. The top management of the company needs to be active in implementing these mitigation strategies in the company. The company needs to implement several private databases where confidential data can be stored and passwords are kept secret. The company need to implement Cloud storage for backup and recovery system. Cyber security has been the main concern for the ABC Company. Following are the recommendations for the ABC Company:
Firewalls: Firewalls are software that helps in restricting harmful malware from entering into the server. It also help in filtering flow of data over the internet. Firewall provides security to the servers and networks and create a virtual wall over it (Aven, 2016). Therefore, ABC Company needs to install firewall for restricting malware. The company need to install network security protocols and star topology for connecting several computers and servers.
Antivirus: Antivirus is a software that helps in detecting malware and viruses in the network and server. Antivirus helps in removing these malwares from the entering into the network. The company needs to implement new versions of hardware and software for increasing efficiency and security of systems.
Cloud Storage: The ABC Company needs to implement cloud services for storage and backup services. The Company needs to store their data and information over the Cloud that helps in easy use and securing a backup point over the internet (Djemame et al., 2016). This can be helpful in the maintenance of storage point over the cloud. The company need to implement Cloud storage for backup and recovery system. The use of the cloud storage has been helping in maintaining smart approach in the storage functions. The company needs to implement firewalls and antivirus for securing online data and information. Therefore this will help in providing security to the data and information stored over the internet.
There are few more recommendations that can be implemented by the ABC Company that are listed below:
Topology maintenance: The topology of the connections of servers and network need to be change in the ABC network. Currently, the company has been using only one LAN cable for connecting all the servers and networks (Biener, Eling & Wirfs, 2015). The company needs to change into star topology for connecting various servers and networks. The company needs to implement firewalls and antivirus for securing online data and information. The topology of the network needs to be maintained properly in the system so that use of the connection for implementing computers needs to be smart.
Management Information System: The Company needs to implement proper management information system that might help proper management of different attributes and operations ion the company. This might help in digitalizing the Company over the Internet. The company needs to implement new versions of hardware and software for increasing efficiency and security of systems.
Virtual private Network (VPN): The Company might use a virtual private network that will help in hiding the original IP address of the local host. The use of the VPN create new IP address that cannot be traced by the hackers over the internet. The company needs to implement new software and operating systems with latest patches and use strong passwords for the systems.
References
Aven, T. (2016). Risk assessment and risk management: Review of recent advances on their foundation. European Journal of Operational Research, 253(1), 1-13.
Biener, C., Eling, M., & Wirfs, J. H. (2015). Insurability of cyber risk: An empirical analysis. The Geneva Papers on Risk and Insurance-Issues and Practice, 40(1), 131-158.
Djemame, K., Armstrong, D., Guitart, J., & Macias, M. (2016). A risk assessment framework for cloud computing. IEEE Transactions on Cloud Computing, (1), 1-1.
Fiksel, J. (2015). From risk to resilience. In Resilient by Design(pp. 19-34). Island Press, Washington, DC.
Harris, E. (2017). Strategic project risk appraisal and management. Routledge.
Hillson, D., & Murray-Webster, R. (2017). Understanding and managing risk attitude. Routledge.
Hopkin, P. (2018). Fundamentals of risk management: understanding, evaluating and implementing effective risk management. Kogan Page Publishers.
Sadgrove, K. (2016). The complete guide to business risk management. Routledge.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download