430 W5 DQ2 JM

profileRiri01
430W5DQ2JMreplytoresponses.docx

REPLY TO RESPONSES

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Jacob

Good evening Professor Ligon and class,

 It is now more common to see organizations shift their work from hard copies to digital copies for our personal records. With this continuous shift of standard operating procedures, there is now twice as much risk as before. Risk management is what was created to better support mitigation of these risks to have a better understanding of what an attacker might be doing to you.  What is important to remember is that “Risk Management has gone from a reactive and independent function to one that is at the forefront of strategic decision-making, integrating its own best practices and standards” (CareersinRisk.com, 2019).

Any bad event that is the result of an applied risk value could mean a lot of harm to the information systems. Even with positive or negative results being possible, these failures will stay towards having adverse impacts. FIPS 199 is a standard that alongside risk management will determine the risk levels on how the risks react to failure. “FIPS 199 distinguishes among low, moderate, and high potential impacts corresponding to “limited,” “serious,” and “severe or catastrophic” adverse effects, respectively” (Talabis & Martin, 2013). These impact ratings have a big hand in how things play out here. There are also a lot of factors going into this such as external policies and regulatory mandates that can change the implementation of controls in the area. Different security controls are then needed to have accurate communication with the systems risk values that you have established already.

B Aaron

Afternoon,

Effectively measuring the risk value of an asset within an organization is for proper planning, preventive losses, and measure of assets returns. Effective asset risk management doesn’t remove all risks unless that is what is needed. This process is to understand the company assets whether its tangible or intangible or a physical product to help make the right decision in managing the risks that laid bare. Assessing risks comprises the qualitative assessment and quantitative measurement of individual risks which includes the interrelationship of the effects (Kassa, 2017). Effectively measuring will also help plan for emergencies because a risk would most likely occur with a asset. The impacts of inaccurate communication of an information system because of improper interpretation of court, long-term damage, misinformation and miscommunication, and customers and stakeholders’ dissatisfaction. Improper interpretation of court could lose court cases as a result of inaccurate communication and long-term damage could result in sudden huge losses and would take a long time to recover from because of an important point could have been missed that could have been averted.

C Cody

Hello Professor Ligon and Class,

Measuring the risk value of each asset within an organization is a very crucial task that needs to be accomplished when assessing all risks of an organization. This is where each risk is then assigned a value based on how big of a risk it may pose to an organization. The reason why an organization would do this is because they may then know which risks to tackle first and which risks may be left alone due to not enough money in their budget to fix everything. When communicating an information system's risk value, this information needs to be very accurate. If inaccurate communication occurs when figuring out an information system's risk value, then certain risks may have a greater potential of being exploited. Sometimes risks arise that are so new and that have such a high risk value that they need to have all hands on deck to be mitigated immediately. If a high value risk is organized in the wrong way due to inaccurate communication, then it may not be mitigated in time due to inaccurate prioritization. This would be something that needs to be avoided at all costs when assessing risks within an organization.