EM202358SOP327PM
RISK MANAGEMENT
Introduction
The goal of this study is to ensure that GLOBE INDUSTRIES receives the best product available
so that it can establish a presence on the worldwide market and outperform its regional rivals.
Handling any kind of vulnerability or threat in the best feasible way should always be the top
priority. In the corporate world, confidentiality, integrity, and availability are essential and must
always be preserved (Tripathy, 2020). A vulnerable system can make it possible for hackers or
other undesirable users to gain access to it. This can cause a lot of trouble, such as
GLOBE INDUSTRIES losing crucial information or private papers that were gathered from,
and belong to, a client or an employer. Risks and vulnerabilities are divided into two
categories, starting with small ones. A LOW impact threat might be considered minor; as the
threat's intensity rises to MODERATE, so does the category, moving up to major impact,
which is HIGH and the most serious of the classifications. The key goals of the risk
assessment are recognizing the system being utilized, the potential hazards it may pose, and
how to counteract those threats.
The User domain, one of the domains containing the more frequent risk factors, is where the
risk impact analysis of each domain of a typical IT system begins. Users in this domain
might receive malicious emails, download malicious files, disregard strict password policy
guidelines, or be careless with information and leave sensitive data lying around the office
(Tripathy, 2020). Workstations are frequently the target of attacks. This domain could give a
hacker access to system flaws that would enable a more serious intrusion into the network's
internal systems. When it comes to the technology infrastructure, the LAN domain represents a
very challenging area.
service interruption, it might affect how the workplace is maintained and slow down
productivity.
Risks                     Probability score (0% - 100%)   Impact (1 - 100)   Risks Score
Corruption data           50%                             20                 10
Access of unauthorised    19%                             70                 13.3
Phishing                  11%                             52                 5.72
Remote access             14%                             15                 2.1
Software vulnerability    60%                             30                 18
                      Risks
Likelihood            Corruption data   Access of unauthorised   Phishing   Remote access   Software vulnerability
Certain (90%)         High              Moderate                 Moderate   Moderate        High
Likely (50 – 90%)     Moderate          Moderate                 Low        Moderate        High
Moderate (10 – 50%)   Moderate          Low                      Low        Low             Moderate
Unlikely (3 – 10%)    Low               Low                      Low        Moderate        High
Rare (3%)             Low               Low                      Low        Low             Low
Mitigation Considerations
The cost of using a DMZ to reduce direct access depends on whether a foundation is already
built up and whether additional hardware is needed (Dubrawsky et al., 2006). Time requirements
should be minimal if only the firewall needs to be set up. The work improves operational
security by reducing potential attack vectors inside the organization, with little to no negative
impact on operations.
The overall cost of using a separate location with an alternate ISP depends on the additional
local system support, secondary ISP, or platform environment required, which in turn depends
on whether physical offshore auxiliary systems or cloud-based systems are chosen. Apart from
a brief interruption if the primary systems are disrupted, there is no impact on daily duties.
While there may be some negative effects from limiting access to dynamic remote meetings,
there is also a beneficial result: increased security measures reduce potential attack routes.
Depending on how frequently the business implements or changes the policy, it shouldn't take
too long to implement the Heavy Employee policy for GLOBE INDUSTRIES. The policy has good
effects in defining the norms that must be followed as well as enabling a happier workplace.
Conclusions
When creating a risk management plan, the priority level identifies which risks or vulnerabilities
are major and which are small. If a critical situation is not managed effectively, it usually
results in a more dangerous situation. Because of this, GLOBE INDUSTRIES must have
mitigation and prevention in place. For an effective IT plan, use this comprehensive and
simple-to-follow IT risk management plan.
References
Dubrawsky, I., Tate Baumrucker, C., Caesar, J., Krishnamurthy, M., Shinder, T. W., Pinkard, B.,
Seagren, E., & Hunter, L. (Eds.). (2006, January 1). Chapter 11 - DMZ Router and Switch
Security. ScienceDirect; Syngress.
https://www.sciencedirect.com/science/article/pii/B9781597491006500123