August 25, 2022

Create a company risk assessment matrix fo

Following the example found here, create a company risk assessment matrix for your present or previous employer.

H2a_Risk_assessment_Matrix.xlsx

Submit your completed assignment by following the directions linked below. Please check the Course Calendar for specific due dates.

Vulnerability

WEIGHT: N/A=Not Applicable 1=Very Low 2=Low 3=Medium 4=High 5=Very High
	VULNERABILITY	WEIGHT	RATIONALE
1	Inadequate Security Policy	2
2	Inadequate Training	2	Training is offered
3	Inadequate System Administration	2	Certified administrator with backup person assigned
4	Inadequate User Account Management	2	ISSO appointed
5	Inadequate Personnel Management	3
6	Incomplete Contingency Plan	1	Contingency Plan in place
7	Disclosure of Data	4
8	Modification of Data	5
9	Unlimited Access to Data	2	One root account
10	Objects Not Cleared Before Reuse	1
11	Inadequate Warning Banners	1
12	Use of Replayable I&A	2	Password encrypted, only one session permitted
13	Password Vulnerability to Cracking	5	Much effort but a lot to gain
14	Sharing of ID or Passwords	2	No concurrent sessios; Rules of Behavior in place
15	Session Timeout on Server	2	Cookies time out after 20 minutes
16	Concurrent Logon Sessions Permitted	2
17	Inadequate Audit Log	1
18	Inadequate Audit Analysis	3	Relying on human analysis
19	Data Transmissions in the Clear	5	SSL
20	Susceptibility to Line Tapping	5	SSL
21	Inconsistent Physical Perimeter Definition	2
22	Inadequate CM – Development	2
23	Inadequate CM – Operations / Maintenance	2
24	Facility Unavailability	3	Limited physical access
25	Data Unavailability	1	Availability of data is relatively low.
26	System / Component Unavailability	3
27	Unstable / Insufficient Communication Medium	4	Outages occur
28	Inadequate / Missing Documents	1	COOP in place
29	Failure to Achieve and Maintain Accreditation	N/A
30	Inadequate Protection of Web Server	5
N/A
1
2
3
4
5

&"Courier,Regular"&14SENSITIVE // FOR OFFICIAL USE ONLY &"Times New Roman,Bold"&E&F

Page &P of &N &"Courier,Regular"&12SENSITIVE // FOR OFFICIAL USE ONLY &D

Threats

WEIGHT: N/A=Not Applicable 1=Very Low 2=Low 3=Medium 4=High 5=Very High
	T H R E A T	WEIGHT	RATIONALE
	Deception
1	False Denial of Origin	2
2	False Denial of Receipt	2
3	Falsification	4
4	Insertion	3
5	Malicious Logic-Masquerade	3
6	Masquerade	2
7	Repudiation	2
8	Substitution	4
	Disruption
9	Hardware or Software Error-System	1
10	Hardware or Software Error-Data	1
11	Human Error	3
12	Environmental Failure	3
13	Incapacitation	1
14	Interference	4
15	Malicious Logic-Corruption	2
16	Malicious Logic- Disabling	3
17	Natural Catastrophe	1
18	Overload	4
19	Physical Destruction	1
20	Tampering-Corruption	5
	Usurpation
21	Malicious Logic-Misuse	5
22	Misappropriation	5
23	Misuse	5
24	Tampering-Misuse	5
25	Theft of Data	4
26	Theft of Service	4
27	Violation of Permissions	2
	Disclosure
28	Cryptanalysis	2
29	Eavesdropping	5
30	Exposure	3
31	Hardware or Software Error-System Failure	1
32	Human Error-Unintentional	2
33	Inference	5
34	Interception	5
35	Intrusion	5
36	Penetration	2
37	Reverse Engineering	2
38	Scavenging	2
39	Theft	1
40	Traffic Analysis	3
41	Trespass	3
42	Wiretapping	4
N/A
1
2
3
4
5

&"Courier,Regular"&12SENSITIVE // FOR OFFICIAL USE ONLY&"Arial,Bold"&14&E &F

Page &P of &N &"Courier,Regular"&12SENSITIVE // FOR OFFICIAL USE ONLY &D

Risk Computation

Vulnerabilities		Inadequate Security Policy	Inadequate Training	Inadequate System Administration	Inadequate User Account Management	Inadequate Personnel Management	Incomplete Contingency Plan	Disclosure of Data	Modification of Data	Unlimited Access to Data	Objects Not Cleared Before Reuse	Inadequate Warning Banners	Use of Replayable I&A	Password Vulnerability to Cracking	Sharing of ID or Passwords	Session Timeout on Server	Concurrent Logon Sessions Permitted	Inadequate Audit Log	Inadequate Audit Analysis	Data Transmissions in the Clear	Susceptibility to Line Tapping	Inconsistent Physical Perimeter	Inadequate CM – Development	Inadequate CM – Operations	Facility Unavailability	Data Unavailability	System / Component Unavailability	Unstable / Insufficient Communication	Inadequate / Missing Documents	Failure to Achieve and Maintain Accreditation	Inadequate Protection of Web Server
Threats	Wts.	2	2	2	2	3	1	4	5	2	1	1	2	5	2	2	2	1	3	5	5	2	2	2	3	1	3	4	1	N/A	5	Risk Total for Threat	Percent of Total Risk
Deception
False Denial of Origin	2	4	4	4	4	6	2	8	10	4	2	2	4	10	4	4	4	2	6	10	10	4	4	4	6	2	6	8	2		10	150	2%
False Denial of Receipt	2	4	4	4	4	6	2	8	10	4	2	2	4	10	4	4	4	2	6	10	10	4	4	4	6	2	6	8	2		10	150	2%
Falsification	4	8	8	8	8	12	4	16	20	8	4	4	8	20	8	8	8	4	12	20	20	8	8	8	12	4	12	16	4		20	300	3%
Insertion	3	6	6	6	6	9	3	12	15	6	3	3	6	15	6	6	6	3	9	15	15	6	6	6	9	3	9	12	3		15	225	2%
Malicious Logic	3	6	6	6	6	9	3	12	15	6	3	3	6	15	6	6	6	3	9	15	15	6	6	6	9	3	9	12	3		15	225	2%
Masquerade	2	4	4	4	4	6	2	8	10	4	2	2	4	10	4	4	4	2	6	10	10	4	4	4	6	2	6	8	2		10	150	2%
Repudiation	2	4	4	4	4	6	2	8	10	4	2	2	4	10	4	4	4	2	6	10	10	4	4	4	6	2	6	8	2		10	150	2%
Substitution	4	8	8	8	8	12	4	16	20	8	4	4	8	20	8	8	8	4	12	20	20	8	8	8	12	4	12	16	4		20	300	3%
Disruption
Hardware or Software Error-System	1	2	2	2	2	3	1	4	5	2	1	1	2	5	2	2	2	1	3	5	5	2	2	2	3	1	3	4	1		5	75	1%
Hardware or Software Error-Data	1	2	2	2	2	3	1	4	5	2	1	1	2	5	2	2	2	1	3	5	5	2	2	2	3	1	3	4	1		5	75	1%
Human Error	3	6	6	6	6	9	3	12	15	6	3	3	6	15	6	6	6	3	9	15	15	6	6	6	9	3	9	12	3		15	225	2%
Environmental Failure	3	6	6	6	6	9	3	12	15	6	3	3	6	15	6	6	6	3	9	15	15	6	6	6	9	3	9	12	3		15	225	2%
Incapacitation	1	2	2	2	2	3	1	4	5	2	1	1	2	5	2	2	2	1	3	5	5	2	2	2	3	1	3	4	1		5	75	1%
Interference	4	8	8	8	8	12	4	16	20	8	4	4	8	20	8	8	8	4	12	20	20	8	8	8	12	4	12	16	4		20	300	3%
Malicious Logic-Corruption	2	4	4	4	4	6	2	8	10	4	2	2	4	10	4	4	4	2	6	10	10	4	4	4	6	2	6	8	2		10	150	2%
Malicious Logic- Disabling	3	6	6	6	6	9	3	12	15	6	3	3	6	15	6	6	6	3	9	15	15	6	6	6	9	3	9	12	3		15	225	2%
Natural Catastrophe	1	2	2	2	2	3	1	4	5	2	1	1	2	5	2	2	2	1	3	5	5	2	2	2	3	1	3	4	1		5	75	1%
Overload	4	8	8	8	8	12	4	16	20	8	4	4	8	20	8	8	8	4	12	20	20	8	8	8	12	4	12	16	4		20	300	3%
Physical Destruction	1	2	2	2	2	3	1	4	5	2	1	1	2	5	2	2	2	1	3	5	5	2	2	2	3	1	3	4	1		5	75	1%
Tampering	5	10	10	10	10	15	5	20	25	10	5	5	10	25	10	10	10	5	15	25	25	10	10	10	15	5	15	20	5		25	375	4%
Usurpation
Malicious Logic-Misuse	5	10	10	10	10	15	5	20	25	10	5	5	10	25	10	10	10	5	15	25	25	10	10	10	15	5	15	20	5		25	375	4%
Misappropriation	5	10	10	10	10	15	5	20	25	10	5	5	10	25	10	10	10	5	15	25	25	10	10	10	15	5	15	20	5		25	375	4%
Misuse	5	10	10	10	10	15	5	20	25	10	5	5	10	25	10	10	10	5	15	25	25	10	10	10	15	5	15	20	5		25	375	4%
Tampering-Misuse	5	10	10	10	10	15	5	20	25	10	5	5	10	25	10	10	10	5	15	25	25	10	10	10	15	5	15	20	5		25	375	4%
Theft of Data	4	8	8	8	8	12	4	16	20	8	4	4	8	20	8	8	8	4	12	20	20	8	8	8	12	4	12	16	4		20	300	3%
Theft of Service	4	8	8	8	8	12	4	16	20	8	4	4	8	20	8	8	8	4	12	20	20	8	8	8	12	4	12	16	4		20	300	3%
Violation of Permissions	2	4	4	4	4	6	2	8	10	4	2	2	4	10	4	4	4	2	6	10	10	4	4	4	6	2	6	8	2		10	150	2%
Disclosure
Cryptanalysis	2	4	4	4	4	6	2	8	10	4	2	2	4	10	4	4	4	2	6	10	10	4	4	4	6	2	6	8	2		10	150	2%
Eavesdropping	5	10	10	10	10	15	5	20	25	10	5	5	10	25	10	10	10	5	15	25	25	10	10	10	15	5	15	20	5		25	375	4%
Exposure	3	6	6	6	6	9	3	12	15	6	3	3	6	15	6	6	6	3	9	15	15	6	6	6	9	3	9	12	3		15	225	2%
Hardware or Software Error-System Failure	1	2	2	2	2	3	1	4	5	2	1	1	2	5	2	2	2	1	3	5	5	2	2	2	3	1	3	4	1		5	75	1%
Human Error-Unintentional	2	4	4	4	4	6	2	8	10	4	2	2	4	10	4	4	4	2	6	10	10	4	4	4	6	2	6	8	2		10	150	2%
Inference	5	10	10	10	10	15	5	20	25	10	5	5	10	25	10	10	10	5	15	25	25	10	10	10	15	5	15	20	5		25	375	4%
Interception	5	10	10	10	10	15	5	20	25	10	5	5	10	25	10	10	10	5	15	25	25	10	10	10	15	5	15	20	5		25	375	4%
Intrusion	5	10	10	10	10	15	5	20	25	10	5	5	10	25	10	10	10	5	15	25	25	10	10	10	15	5	15	20	5		25	375	4%
Penetration	2	4	4	4	4	6	2	8	10	4	2	2	4	10	4	4	4	2	6	10	10	4	4	4	6	2	6	8	2		10	150	2%
Reverse Engineering	2	4	4	4	4	6	2	8	10	4	2	2	4	10	4	4	4	2	6	10	10	4	4	4	6	2	6	8	2		10	150	2%
Scavenging	2	4	4	4	4	6	2	8	10	4	2	2	4	10	4	4	4	2	6	10	10	4	4	4	6	2	6	8	2		10	150	2%
Theft	1	2	2	2	2	3	1	4	5	2	1	1	2	5	2	2	2	1	3	5	5	2	2	2	3	1	3	4	1		5	75	1%
Traffic Analysis	3	6	6	6	6	9	3	12	15	6	3	3	6	15	6	6	6	3	9	15	15	6	6	6	9	3	9	12	3		15	225	2%
Trespass	3	6	6	6	6	9	3	12	15	6	3	3	6	15	6	6	6	3	9	15	15	6	6	6	9	3	9	12	3		15	225	2%
Wiretapping	4	8	8	8	8	12	4	16	20	8	4	4	8	20	8	8	8	4	12	20	20	8	8	8	12	4	12	16	4		20	300	3%
Risk Total for Vulnerability		252	252	252	252	378	126	504	630	252	126	126	252	630	252	252	252	126	378	630	630	252	252	252	378	126	378	504	126	0	630	9450	100%
Percent of Total Risk		3%	3%	3%	3%	4%	1%	5%	7%	3%	1%	1%	3%	7%	3%	3%	3%	1%	4%	7%	7%	3%	3%	3%	4%	1%	4%	5%	1%		7%	9450	100%
RISK RATING	VERY HIGH				LOWEST RANK OF VULNERABILITIES AND THREATS TO FLAG:									9
VULNERABILITY	378		4%
THREAT	375		4%									1	2	3	4	5	6	7	8	9	10
MAXIMUM	25
RISK TOTALS	18900
TOTAL RISKS	1015
LOW	1015
MEDIUM	4060
HIGH	9135
VERY HIGH	16240

&"Courier,Regular"&14SENSITIVE – FOR OFFICIAL USE ONLY&"Arial,Bold"&E &F

Page &P of &N &"Courier,Regular"&12SENSITIVE // FOR OFFICIAL USE ONLY &D

Risk Computation Exploited

Collepals.com Plagiarism Free Papers

Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.

Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS

Why Hire Collepals.com writers to do your paper?

Quality- We are experienced and have access to ample research materials.

We write plagiarism Free Content

Confidential- We never share or sell your personal information to third parties.

Support-Chat with us today! We are always waiting to answer all your questions.

Why Choose Us

Best Essay Writing Services- Get Quality Homework Essay Paper at Discounted Prices

At the risk of sounding immodest, we must point out that we have an elite team of writers. Ours isn’t a collection of individuals who are good at searching for information on the Internet and then conveniently re-writing the information obtained to barely beat Plagiarism Software. Who can’t do that?

Our writers have strong academic backgrounds with regards to their areas of writing. A paper on History will only be handled by a writer who is trained in that field. A paper on health care can only be dealt with by a writer qualified on matters health care. Thesis papers will only be handled by Masters’ Degree holders while Dissertations will strictly be handled by PhD holders. With such a system, you needn’t worry about the quality of work. Quality isn’t just an option, it is the only option. We don’t just employ writers, we hire professionals.

We have writers spread into all fields including but not limited to Philosophy, Economics, Business, Medicine, Nursing, Education, Technology, Tourism and Travels, Leadership, History, Poverty, Marketing, Climate Change, Social Justice, Chemistry, Mathematics, Literature, Accounting and Political Science.

Our writers are also well trained to follow client instructions as well adhere to various writing conventional writing structures as per the demand of specific articles.

They are also well versed with citation styles such as APA, MLA, Chicago, Harvard, and Oxford which come handy during the preparation of academic papers.

They also have unrivalled skill in writing language be it UK English or USA English considering that they are native English speakers. You also needn’t worry about logical flow of thought, sentence structure as well as proper use of phrases.

Our writers are also not the kind to decorate articles with unnecessary filler words. We respect your money and most importantly your trust in us. In writing, we will be precise and to the point and fill the paper with content as opposed to words aimed at beating the word count.

Our shift-system also ensures that you get fresh writers each time you send a job. This helps overcome occupational hazards brought about by fatigue. Hence, quality will consistently be at the top.

From our writers, you expect; good quality work, friendly service, timely deliveries, and adherence to client’s demands and specifications.

Once you’ve submitted your writing requests, you can go take a stroll while waiting for our all-star team of writers and editors to submit top quality work.

How Our Website Works

Get an Essay from Us

College Essays is the biggest affiliate and testbank for WriteDen. We hire writers from all over the world with an aim to give the best essays to our clients.

Our writers will help you write all your homework. They will write your papers from scratch. We also have a team of editors who read each paper from our writers just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE.

Step 1
To make an Order you only need to click ORDER NOW and we will direct you to our Order Page. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline. Deadline range from 6 hours to 30 days.

Step 2
Once done with writing your paper we will upload it to your account on our website and also forward a copy to your email.

Step 3
Upon receiving your paper, review it and if any changes are needed contact us immediately. We offer unlimited revisions at no extra cost.

Is it Safe to use our services?
We never resell papers on this site. Meaning after your purchase you will get an original copy of your assignment and you have all the rights to use the paper.

Pricing and Discounts
Our price ranges from $8-$14 per page. If you are short of Budget, contact our Live Support for a Discount Code. All new clients are eligible for 20% off in their first Order. Our payment method is safe and secure.
Please note we do not have prewritten answers. We need some time to prepare a perfect essay for you.

Vulnerabilities		Inadequate Security Policy	Inadequate Training	Inadequate System Administration	Inadequate User Account Management	Inadequate Personnel Management	Incomplete Contingency Plan	Disclosure of Data	Modification of Data	Unlimited Access to Data	Objects Not Cleared Before Reuse	Inadequate Warning Banners	Use of Replayable I&A	Password Vulnerability to Cracking	Sharing of ID or Passwords	Session Timeout on Server	Concurrent Logon Sessions Permitted	Inadequate Audit Log	Inadequate Audit Analysis	Data Transmissions in the Clear	Susceptibility to Line Tapping	Inconsistent Physical Perimeter	Inadequate CM – Development	Inadequate CM – Operations	Facility Unavailability	Data Unavailability	System / Component Unavailability	Unstable / Insufficient Communication	Inadequate / Missing Documents	Failure to Achieve and Maintain Accreditation	Inadequate Protection of Web Server
Threats	Wts.	2	2	2	2	3	1	4	5	2	1	1	2	5	2	2	2	1	3	5	5	2	2	2	3	1	3	4	1	N/A	5	Risk Total for Threat	Percent of Total Risk
Deception
False Denial of Origin	2		4		4																											8	0%
False Denial of Receipt	2		4		4																											8	0%
Falsification	4		8						20																	4						32	2%
Insertion	3		6						15																	3						24	1%
Malicious Logic-Masquerade	3	6	6	6																			6	6		3					15	48	2%
Masquerade	2		4			6				4																						14	1%
Repudiation	2	4	4																													8	0%
Substitution	4		8		8				20																	4						40	2%
Disruption

Create a company risk assessment matrix fo

Vulnerability

Threats

Risk Computation

Risk Computation Exploited

Related Posts

What best practices should Sifers-Grayson follow when establishing a SOCC? In your talking points, you should address how your selected best prac

Technology Briefing for Sifers-Grayson Executives Must post first.Subscribe You are approaching the end of your time supporting Sifers-Grayson. Y

Describe one situation where it is most appropriate to use symmetric encryption and one situation where it is most appropriate to use asymmetric