Information Systems Security Management

CMGT 442
Information Systems Risk Management
Philip Robbins – December 5, 2012 (Week 4)
University of Phoenix Mililani Campus
Objectives: Week 4
• Project Risk Management
• LT Activity: Week 5 Article Reading
• Class Videos
• Discuss: Final Project
• Discuss: Final Exam
Week 4: Project Risk Management
Quiz #4
Final Exam Review
Learning Team Activity
• Activity: Review Week 5 ‘Article’ Reading
- 15 minutes: Read Article
- 10 minutes: Answer article questions
- 10 minutes: Class Discussion
LT Activity: Week 4 Article Reading
• Drumheller, R. (2011). Information Security Gap Analysis
- Do you consider conducting an information security gap analysis on a regular basis an essential best practice for ensuring enterprise risk management?
- What are the major factors to consider when conducting an information security gap analysis?
Final Exam
• Examination (50 pts.)
- 1 Hour (Start: 6:30 PM, End: 7:30 PM)
- 60 questions total (only 50 count toward grade)
- Multiple choice (A, B, C, D)
- Closed Book, Closed Notes, No Computers, etc…
Final Project & Presentation
• Presentation (25 pts.)
• Paper Assessment (25 pts.)
- 20 minutes per team (5 minutes per person)
- 6 pages max. per assessment (provide hard copy)
- Follow requirements for the assignment carefully.
- Class participation (1 question per person)
Break?
• This is probably time for a break…
Project Risk Management
• PMBOK Guide
- Project Management Body of Knowledge
- International Standard
- PMP
- Project Risk Management Knowledge Area (Chapter 11)
Project Management Mindmap
QUICK REVIEW: Week 1
• What is Information Systems Risk Management?
- Information Systems Risk Management is the process of identifying, assessing, and reducing (mitigating) risks to an acceptable level.
vs.
• What is Project Risk Management?
- Six processes…
Project Risk Management Processes
Do we agree with this!?? Careful…
PMBOK Risk Definition (Glossary)
Project Risk Management:
Information Systems Risk Management:
Positive Risks & Negative Risks
Negative Risks
P1: Plan Risk Management
P2: Identify Risks
P3: Qualitative Risk Analysis
REVIEW: Qualitative Risk Matrix
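[Figure: qualitative risk matrix; each cell gives the RISK for an Impact rating and a Probability rating]
• Impact: Catastrophic (5), Material (4), Major (3), Minor (2), Insignificant (1)
• Probability (Vulnerability | Threat): Rare (1), Unlikely (2), Moderate (3), Likely (4), Frequent (5)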
P4: Quantitative Risk Analysis
P5: Plan Risk Responses
P6: Monitor and Control Risks
Review: Question #1
Review: Question #2
Review: Question #3
Review: Question #4
Review: Question #5
Review: Question #6
Break?
• This is probably time for a break…
Quiz: Week 4
• 10-15 minutes
Week 4 Final Exam Review