ISOL 533 - Information Security and Risk Management Project Task – 1 Risk Management Plan

ISOL 533 - Information Security and Risk Management RISK MANAGEMENT PLAN University of the Cumberlands Table of Contents PAGE Executive Summary --------------------------------------------------------------------------------------------------------- 3 Objectives ------------------------------------------------------------------------------------------------------------------------ 3 Threats and Vulnerabilities --------------------------------------------------------------------------------------------- 4 Cost Associated with Risks --------------------------------------------------------------------------------------------- 4 Cost-Benefit Analysis ----------------------------------------------------------------------------------------------------- 4 Figure 1 – Seven Domains -------------------------------------------------------------------------------------------------- 5 Table 1 – Risk-Threat-Vulnerabilities ------------------------------------------------------------------------------------ 5 Scope/Recommendations --------------------------------------------------------------------------------------------------- 6 Compliance Laws and Regulations -------------------------------------------------------------------------------------- 7 Key Roles and Responsibilities ------------------------------------------------------------------------------------------- 8 Schedule-POAM ---------------------------------------------------------------------------------------------------------------- 10 References ----------------------------------------------------------------------------------------------------------------------- 10 This study source was downloaded by from CourseH on :34:01 GMT -06:00 ISOL 533 - Information Security and Risk Management RISK MANAGEMENT PLAN University of the Cumberlands EXECUTIVE SUMMARY: Risk management plan is a document that the organization prepares to foresee risks, estimate impacts and to define responses to issues with a risk assessment matrix1 . The purpose of this plan is to identify potential risks before they occur and to be planned so that risks are handled throughout the project and to mitigate adverse events and finally to achieve desired objectives1 . Risk management plan is a continuous process and it is important part of any organization and management process to ensure that the risks and eliminated depending up on their severity and finally helps an organization to achieve the ultimate goal1 . Having an effective risk management plan helps identifying the risks at early stages and effectively eliminates it without any adverse effects. It is expected to have technical issued throughout the project and so every project should be ready with the plan to successfully complete the project within the timelines1 . Risk management can be divided in to Risk Planning, Risk Identification, Risk Assessment, Risk Response and Risk Monitoring. Having a perfect risk management plan helps organization in many different ways1 . Risk management plan identifies the strengths and weakness of the organization and also contribute to success by identifying the internal risks and external risks beforehand1 . Former President John F. Kennedy on