UrRISK01 In Class Exercise.

Slides:

Advertisements

Similar presentations

Revenue Models and the Business Plan in E-Commerce Back to Table of Contents.

Advertisements

Introduction to Business

November 17, Critical Risk Identification System (CRIS) United States Department of Agriculture Office of Homeland Security & Emergency Coordination.

Security in Practice Enterprise Security. Business Continuity Ability of an organization to maintain its operations and services in the face of a disruptive.

Chapter Three IT Risks and Controls.

The Risk Adverse Property Management Firm Understanding the risks to your business and methods to manage those risks.

Chapter 3 資訊安全管理系統. 4.1 General Requirements Develop, implement, maintain and continually improve a documented ISMS Process based on PDCA.

October Training 8 HR Ref. Content Overhead Utilities Risk Assessments Task Safety Environmental Analysis Health and Safety Plan Components of a HASP Questions?

Policy Review (Top-Down Methodology) Lesson 7. Policies From the Peltier Text, p. 81 “The cornerstones of effective information security programs are.

Dr. Benjamin Khoo New York Institute of Technology School of Management.

Security Policies and Procedures. cs490ns-cotter2 Objectives Define the security policy cycle Explain risk identification Design a security policy –Define.

Insert: Title of Improvement Read Out Date:. 2 Objectives for Today’s Session Share results of improvement effort Demonstrate fact-base, analytical approach.

Introduction to Accounting Topic 1 10/26/2015Topic 1: Introduction to accounting.

Business Continuity Program Orientation (insert presentation date) (This presentation is a template that requires adjustments to meet your needs)

Parts of a Business Plan There are 16 essential parts to a business plan It can vary but you want it more specific as opposed to less specific Part one.

Personal Professional Development and Vocational Practice Professional Development Log BTEC Care Year Two.

Principles of Information Security, Fourth Edition Risk Management Ch4 Part I.

Security Methods and Practice Principles of Information Security, Fourth Edition CET4884 Planning for Security Ch5 Part I.

Primary Steps for Achieving ISO Certification.

For More Best A+ Tutorials CMGT 400 Entire Courses (UOP Course) CMGT 400 Week 1 DQ 1 (UOP Course)  CMGT 400 Week 1 Individual Assignments.

COMM 400 Week 1 Individual Communications Evaluation and Analysis Check this A+ tutorial guideline at

EDU 623 Week 2 Assignment Writing and Researching Skills Self Assessment Check this A+ tutorial guideline at

Emergency Preparedness and You:

MGT 418 EDU Learn Do Live/mgt418edu.com

MGT 418 EDU Life of the Mind/mgt418edu.com

Project Planning: Scope and the Work Breakdown Structure

Unit 09 Computer Networks

Disaster and Emergency Planning

Chapter 1 Introduction to management accounting

Leaders Facilitate the Planning Process

Project management Essentials

IN-CLASS EXERCISE #3 COVER SHEET WITH: “IN-CLASS EXERCISE #3” THE DATE

Unit 3 Introduction to Marketing

TechStambha PMP Certification Training

IS4680 Security Auditing for Compliance

SENL AMO sessions: Problem statement

Unit – iii Sources of product for business

Project Statement John Chandy

A Thread Relevant to all Levels of the EA Cube

What is recrutimemt?.

Accounting and Finance Unit 4

CMGT 431 Competitive Success/snaptutorial.com

BUS 521 Innovative Education-- snaptutorial.com

MGT 418 EDU Lessons in Excellence-- mgt418edu.com.

CMGT 431 Education for Service-- snaptutorial.com.

CPMGT 300 STUDY Lessons in Excellence--cpmgt300study.com.

CMGT 431 Education for Service/tutorialrank.com

CMGT 431 Teaching Effectively-- snaptutorial.com.

CMGT 431 STUDY Education for Service- -cmgt431study.com.

CMGT 400 Education for Service-- tutorialrank.com

MGT 418 EDU Education for Service-- mgt418edu.com.

SAFETY RISK ASSESSMENT (JSA)

IS4550 Security Policies and Implementation

Cybersecurity Special Public Meeting/Commission Workshop for Natural Gas Utilities September 27, 2018.

IS4550 Security Policies and Implementation

مناهــــج البحث العلمي

Course aims The aim of this course is to introduce prospective managers and leaders in the tourism industry to the essentials of the research process.

Team Charter Project Name: Executive Sponsor: Project Purpose:

BUSINESS PLAN AND SOURCES OF FINANCING

The Teen Entrepreneur Show Me The Money!.

IS Risk Management Report (Template)

Read to Learn Describe how to prepare for your own business. Discuss the parts of a business plan.

Employee engagement Delivery guide

Read to Learn Describe how to prepare for your own business. Discuss the parts of a business plan.

Business Continuity Program Overview

Systems & Technologies of Business Intelligence

With Listening.

Project Overview.

Radiopharmaceutical Production

Presentation transcript:

UrRISK01 In Class Exercise

I. Risk Assessment Introduction Purpose Why important? Try to “quantify” value, threats, vulnerabilities Scope Scope of this risk assessment Describe “security context”; Specify point of view (POV) Key statement binds your team, project sponsor, and customer. Defines areas included, and excluded from study. “Describe the system components, elements, users, field site locations (if any), and any other details about the system to be considered in the assessment.”

Select & Narrow the Scope http://www.personal.psu.edu/ejg8/class/sra311/Wk01_AssessmentRiskTypes.jpg

Professional Business Writing Student Example http://www.personal.psu.edu/ejg8/class/sra311/EmailID_EmailID_UrRISK01.pdf Cover Sheet Introduction: a) Purpose b) Scope (what is and is not included in study) APA Reference List Use “Knightcite APA” http://www.calvin.edu/library/knightcite/index.php?standard=APA Attachment 1: Fact/Information Sheet Research! (avoid starting from scratch) Professional Business Writing

Security Context Example These three study levels, presented on our SRA 111 Planning Cube, are personal, enterprise, and national Security Context

Owner, customer, public, first responders, employees, etc. Point of View? Owner, customer, public, first responders, employees, etc. POV?  Assets  Hazards

W/One Partner, Select ONE Area (then drill down to a very narrow scope) QUESTIONS Who is “protector/customer” (i.e., name and title of person that “hired” you to conduct the risk assessment) What point of view did protector assign? What “scope” of hazards will you evaluate? What “scope” of hazards will you NOT evaluate?