Computer security and risk management Essay Example | Topics and Well Written Essays - 2750 words

calculator security and risk management - Essay ExampleThis paper presents a Risk Management methodology for multi-national pharmaceutical company in Midlands pertaining to protection of the Information assets and the corresponding business assets of the organization against the known threats to the organization. accounting entry Risk Management is an intelligent mix of qualitative and quantitative analysis. The qualitative analysis procedure basically requires establishment of a structured and logical assessment framework whereby metrics are assigned to all(prenominal) parameter that is being assessed. The analysis against the metric aims needs to be quantitative base on past times experiences (data available), industry experiences (case studies), advice from consultants and internal brainstorming. Every level needs proper justification to a deep level such that serious risks do not remain un-noticed and also meager risks do not restore projected to the management as serious simply because they are more talked about in the organization.In this paper a systematic Risk Management procedure is being presented in detail and utilize to the case schooling. The workflow of risk management has been arrived at after a study of National form of Standards and Technology), BS ISO/IEC 270012005 standard and ISO/IEC 177992005 code of best practices. These approaches recommend that the asset values are calculated based on Confidentiality (C), Integrity (I) and Availability (A). Thereafter, the comprehensive list of threats to the business are listed down such that the overall threat value, probability value, vulnerability value and risk value can be calculated for each asset (Olzak, Tom, 2008).Risk Assessment Process The Risk Management Process proposed in this case study has been presented in the figure below (Figure 1). This methodology requires that all the assets are first collated and their characterization is done in terms