unit 4 db#1+ responses

profileYehyun Park
dbunit41.docx
Home>Computer Science homework help>unit 4 db#1+ responses

One common risk strategies once a risk has been identified is avoidance, which in large part involves establishing procedures beforehand to predict and avoid high-risk situations.* 

If avoidance is impossible, then another option is reduction.  This at least reduces losses due to the risk and can also reduce the probability of risk. 

Risk spreading is putting eggs in multiple baskets, so to speak.  If assets or information are spread out and one area of this is compromised, the full amount of whatever needs protection is not all in one place.

The fourth strategy is risk transfer, which is handing the risk to a third party, usually paying for protection of an insurance policy**. 

*(2019) The 4 Most Common Risk Mitigation Strategies. Retrieved from https://www.opuskinetic.com/2019/09/the-4-most-common-risk-mitigation-strategies/

**Robert, Fischer,, et al. Introduction to Security. Available from: Purdue University Global Bookshelf, (9th Edition). Elsevier S & T, 2012. 

the four strategies for managing risk once its identified are avoid, accept, mitigate, and Transference. these strategies are the core of risk management once a risk has been identified during a risk assessment. the first of these Avoidance refers to how a organization will maybe shut down a piece of equipment or patch software to avoid the vulnerabilities to that system or network so they avoid the risk. the next one may sound like you are doing something similar to avoidance this is mitigation this is ware you try and minimize the risk but don't eliminate the potential of a risk. an example of mitigation would be implementing a firewall to limit traffic to a part of an network you wanna keep secure. after that is acceptance this is where the organization completely accepts that the risk is some thing that they can live with because it might be cost prohibitive to implement a risk reducing or mitigating solution. lastly is transference this is were an organization will determine that the risk is better handled by a third party a good example that we talked about in class is the insurance field but in the tech field an example would be something like a cloud data storage company.

Chapple, M. (2021, July 23). Risk-based vulnerability management tools in the cloud. SearchSecurity. Retrieved October 18, 2021, from https://searchsecurity.techtarget.com/tip/Risk-based-vulnerability-management-tools-in-the-cloud.