10.28 Assessing Project Risk Factors




The Risk Assessment assesses the system’s use of resources and controls (either implemented or planned) to eliminate or manage vulnerabilities that are exploitable by threats to the organization. It will also identify any of the following possible vulnerabilities:

  • Risks associated with the system operational configuration

  • System’s safeguards, threats, and vulnerabilities

  • New threats and risks that might exist and, therefore, will need to be addressed after the current system is replaced

  • Conformance with operational Security Policy

The risk assessment is a determination of vulnerabilities that, if exploited, could result in the following:

  • Unauthorized disclosure of sensitive information

  • Unauthorized modification of the system or its data

  • Denial of system service or access to data to authorized users

The following is a sample layout of the recommended table of contents for a risk assessment. The Core Team–appointed Risk Officer is responsible for completing this document.

Risk Assessment Executive Summary

1.0 Background
2.0 Purpose
3.0 Scope
4.0 Assumptions
5.0 Description of System
      5.1 System Attributes
      5.2 System Sensitivity
6.0 System Security
      6.1 Administrative Security
      6.2 Physical Security
      6.3 Technical Security
      6.4 Software Security
      6.5 Telecommunication Security
      6.6 Personnel Security
7.0 System Vulnerabilities
      7.1 Technical Vulnerability
      7.2 Personnel Vulnerability
      7.3 Telecommunication Vulnerability
      7.4 Software Vulnerability
      7.5 Environmental Vulnerability
      7.6 Physical Vulnerability
8.0 Glossary of Terms
9.0 Acronyms
Appendix A: Information Flow Diagram
Appendix B: Hardware Configuration






Managing Software Deliverables: A Software Development Management Methodology
ISBN: 155558313X
EAN: 2147483647
Year: 2003
Pages: 226
