OLD DOMINION UNIVERSITY
Information Technology Risk Assessment
For

Risk Assessment Report

Risk Assessment Annual Document Review History
The Risk Assessment is reviewed at least annually, and the date and reviewer are recorded in the table below.

Review Date | Comments | Reviewer

TABLE OF CONTENTS
1 INTRODUCTION
2 IT SYSTEM CHARACTERIZATION
3 RISK IDENTIFICATION
4 CONTROL ANALYSIS
5 RISK LIKELIHOOD DETERMINATION
6 IMPACT ANALYSIS
7 RISK DETERMINATION
8 RECOMMENDATIONS
9 RESULTS DOCUMENTATION

LIST OF EXHIBITS
Exhibit 1: Risk Assessment Matrix

LIST OF FIGURES
Figure 1 – IT System Boundary Diagram
Figure 2 – Information Flow Diagram
LIST OF TABLES
Table A: Risk Classifications
Table B: IT System Inventory and Definition
Table D: Vulnerabilities, Threats, and Risks
Table E: Security Controls
Table F: Risks-Controls-Factors Correlation
Table G: Risk Likelihood Definitions
Table H: Risk Likelihood Ratings
Table I: Risk Impact Rating Definitions
Table J: Risk Impact Analysis
Table K: Overall Risk Rating Matrix
Table L: Overall Risk Ratings Table
Table M: Recommendations

1 INTRODUCTION

Participants: Risk assessment participants, their IT roles (System Owner, Data Owner, etc.), their roles in their department, and any specific role taken in the system risk assessment.

Assessment Techniques: The techniques used to gather the necessary information (use of tools, questionnaires, vendor input, subject-matter expertise, system component documentation).
Table A: Risk Classifications

Risk Level | Risk Description & Necessary Actions
High | The loss of confidentiality, integrity, or availability could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.
Moderate | The loss of confidentiality, integrity, or availability could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals.
Low | The loss of confidentiality, integrity, or availability could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals.

2 IT SYSTEM CHARACTERIZATION

System Inventory and Definition

Table B: IT System Inventory and Definition

I. IT System Identification and Ownership
  IT System ID:
  IT System Common Name:
  Owned By:
  Physical Location:
  Major Business Function:
  System Owner:  Phone Number:
  Data Owner(s):  Phone Number(s):
  System Administrator(s):  Phone Number:
  Data Custodian(s):  Phone Number(s):
  External Agency or Hosting Vendor:
  Other Relevant Information:

II. IT System Boundary and Components
  IT System Description and Components
    Hardware Components:
    Software Components:
    Intended Audience:
  IT System Interfaces
    End User Interfaces:
    Administrative Interfaces:
    Database Connections:
    Loads, Extracts or Other Connections:
  IT System Boundary
    Data Boundary:
    Physical/Hardware Boundary:
    Support Boundary:

III. IT System Operability and Agreements
  IT System Name | IT System ID | IT System Owner | Interoperability Security Agreement / Terms and Conditions

IV. IT System and Data Sensitivity
  Type of Data | Data Classification | Sensitivity Ratings*: Confidentiality | Integrity | Availability

  Overall IT System Sensitivity Rating and Classification
    Overall IT System Sensitivity Rating (must be "high" if the sensitivity of any data type is rated "high" on any of the criteria): HIGH / MODERATE / LOW
    IT System Classification (must be "Sensitive" if the overall sensitivity is "high"; consider as "Sensitive" if the overall sensitivity is "moderate"): SENSITIVE / NON-SENSITIVE

  Additional Information:

  Compliance: *For data that is protected by law, regulation, or compliance requirement, document the applicable laws, regulations, or compliance requirements for each type of covered data:

V. IT System Management Practices
  Acceptance of OCCS IT Standards (http://occs.odu.edu/policies/index.php) | YES / NO | If No, Describe
  Account Management | YES / NO
  Backup Schedules | YES / NO
  Server Management | YES / NO
  IT Security Program | YES / NO

System Diagram: Description or diagram of the system and network architecture, including all components of the system and the communications links connecting them, associated data communications, and networks:

3 RISK IDENTIFICATION

Identification of Vulnerabilities, Threats and Risk

Vulnerabilities and threats were identified by what means:

The way vulnerabilities combine with credible threats to create risks is identified in Table D.

Table D: Vulnerabilities, Threats, and Risks

Risk 1
  Vulnerability: Patches to correct flaws in application software not installed.
  Threat: Computer crime, malicious use, system compromise, unauthorized access
  Risk of compromise of: Confidentiality and integrity of <what> data.
  Risk summary: Exploitation of flaws in application software could result in compromise of confidentiality and integrity of <what> data.

Risk 2
  Vulnerability: Patches to correct flaws in operating system software not installed.
  Threat: Computer crime, malicious use, system compromise, unauthorized access
  Risk of compromise of: Confidentiality and integrity of <what> data.
  Risk summary: Exploitation of flaws in operating system software could result in compromise of confidentiality and integrity of <what> data.

Risk 3
  Vulnerability: Remote access to server console not properly monitored.
  Threat: Computer crime, malicious use, system compromise, unauthorized access
  Risk of compromise of: Confidentiality and integrity of corporate data.
  Risk summary: Remote access currently set to… <specify current controls>. If these controls are not in place, unauthorized access could result in compromise of confidentiality and integrity of <what> data.

Risk 4
  Vulnerability: Loss of firewall protection.
  Threat: Computer crime, malicious use, system compromise, unauthorized use
  Risk of compromise of: Confidentiality and integrity of corporate data.
  Risk summary: This system sits <where relative to campus firewalls>; failure of this firewall (or these firewalls) would increase the likelihood of other risks being exploited.

Risk 5
  Vulnerability: Internal access to server.
  Threat: Computer crime, malicious use, system compromise, unauthorized use
  Risk of compromise of: Confidentiality and integrity of corporate data.
  Risk summary: Loss or theft of data from the server could result in compromise of confidentiality and integrity of <what> data.

Risk 6
  Vulnerability: Hardware issues / equipment failure or loss
  Threat: System unavailable
  Risk of compromise of: Inability to access the system.
  Risk summary: Loss of hardware or equipment would result in the entire system or some portion of the system being unavailable.

Risk 7
  Vulnerability: Single point of failure
  Threat: System unavailable
  Risk of compromise of: Inability to access the system.
  Risk summary: Loss of any portion of the system would result in the entire system or some portion of the system being unavailable.

Risk 8
  Vulnerability: Poor systems administration practices external to <my administrator(s)>
  Threat: Computer crime, malicious use, system compromise, unauthorized access
  Risk of compromise of: Confidentiality and integrity of corporate data.
  Risk summary: Poor administration practices could result in compromise of the system and expose <what> data to a risk of loss of availability, confidentiality, or integrity.

Risk 9
  Vulnerability: Key person dependency
  Threat: System unavailable
  Risk of compromise of: Inability to adequately support the application.
  Risk summary: Loss of a key person could result in system downtime if a software issue occurred, or in the inability to enhance or maintain this system's functionality.

Risk 10
  Vulnerability: Loss of critical documentation, data, or software
  Threat: Computer crime, malicious use, system compromise, unauthorized access
  Risk of compromise of: Confidentiality and integrity of corporate data.
  Risk summary: Loss of documentation, software, or data could result in data compromise and temporary disruption in service, or in the inability to restore services which have been lost.

Risk 11
  Vulnerability: Clear text transmission of critical data
  Threat: Computer crime, malicious use, system compromise, unauthorized access
  Risk of compromise of: Confidentiality and integrity of corporate data.
  Risk summary: Capture of clear text data could result in identity theft and/or system access control issues.

Risk 12
  Vulnerability: Data disclosure
  Threat: Computer crime, malicious use, system compromise, unauthorized access
  Risk of compromise of: Confidentiality and integrity of corporate data.
  Risk summary: Disclosure of sensitive personal information could result in identity theft and/or system access control issues.

Risk 13
  Vulnerability: Inadequate customer practices
  Threat: Computer crime, malicious use, system compromise, unauthorized access
  Risk of compromise of: Confidentiality and integrity of corporate data.
  Risk summary: Data corruption or loss, or implementation of applications with errors, could result from improper or incomplete testing of system or application changes.

Risk 14
  Vulnerability: Inadequate database support
  Threat: Computer crime, malicious use, system compromise, unauthorized access
  Risk of compromise of: Confidentiality and integrity of corporate data; inability to access and recover corporate data.
  Risk summary: Data corruption or loss could result from improper or incomplete testing of system changes or from inadequate system management/monitoring.

Risk 15
  Vulnerability: Inadequate applications support
  Threat: Computer crime, malicious use, system compromise, unauthorized access
  Risk of compromise of: Inability to adequately support the application.
  Risk summary: Data corruption or loss could result from improper or incomplete testing of application changes.

Risk 16
  Vulnerability: Software issues from vendor
  Threat: Computer crime, malicious use, system compromise, unauthorized access
  Risk of compromise of: Confidentiality and integrity of corporate data and ability to provide service to the campus.
  Risk summary: Software issues caused by the vendor could lead to data corruption or to mission-critical system disruption or dysfunction.

Risk 17
  Vulnerability: Poor password practices
  Threat: Computer crime, malicious use, system compromise, unauthorized access
  Risk of compromise of: Confidentiality and integrity of corporate data.
  Risk summary: Poor password practices could allow improper system access, which could result in data theft, data corruption, application system alteration, or disruption.

Risk 18
  Vulnerability: System compromise
  Threat: Computer crime, malicious use, unauthorized access
  Risk of compromise of: Confidentiality and integrity of corporate data.
  Risk summary: A compromised system could result in data theft, data corruption, application system alteration, or disruption.

Risk 19
  Vulnerability: Lack of sufficient operational policies
  Threat: Computer crime, malicious use, system compromise, unauthorized access
  Risk of compromise of: Confidentiality and integrity of corporate data.
  Risk summary: Lack of, or improper execution of, sufficient operational policies could result in data theft, data corruption, application system alteration, or disruption.

Risk 20
  Vulnerability: Poor physical security
  Threat: Computer crime, malicious use, system compromise, unauthorized access
  Risk of compromise of: Confidentiality and integrity of corporate data.
  Risk summary: Poor physical security could allow personal access to staff workstations or Computer Center assets, which could result in data theft, data corruption, application system alteration, or disruption.

Risk 21
  Vulnerability: Functional lockout
  Threat: System unavailability
  Risk of compromise of: Inability to access the system.
  Risk summary: The inability of staff to access the computing infrastructure or applications could result in the inability to access the system.

Risk 22
  Vulnerability: Environmental issues
  Threat: Loss of AC or power.
  Risk of compromise of: Inability to access the system.
  Risk summary: Environmental issues could result in the inability to access and maintain server hardware.

Risk 23
  Vulnerability: Natural disaster
  Threat: Hurricanes, floods, and other weather phenomena.
  Risk of compromise of: Inability to access the system.
  Risk summary: Natural disasters could interrupt power to the Computer Center and make it impossible for staff to support the server environment, thus disabling access to <what>.

Risk 24
  Vulnerability:
  Threat:
  Risk of compromise of:
  Risk summary:

Risk 25
  Vulnerability:
  Threat:
  Risk of compromise of:
  Risk summary:

4 CONTROL ANALYSIS

Table E documents the IT security controls in place and planned for the IT system.

Table E: Security Controls

Control Area | In-Place/Planned | Description of Controls

1 Risk Management
1.1 IT Security Roles & Responsibilities | In Place | ODU Standard 02.2.2 – IT Security Roles and Responsibilities
1.2 Business Impact Analysis | In Place | ODU Standard 02.3.2 – Business Impact Analysis
1.3 IT System & Data Sensitivity Classification | In Place | ODU Standard 02.4.2 – Data Classification Standard; ODU Policy 3504 – Data Classification Standard
1.4 IT System Inventory & Definition | | ODU Standard 02.5.2 – System Inventory Standard
1.5 Risk Assessment | | ODU Standard 02.6.2 – Risk Assessment Standard
1.6 IT Security Audits | In Place | ODU Standard 02.7.2 – Security Audit Standard

2 IT Contingency Planning
2.1 Continuity of Operations Planning | | ODU Standard 03.2.2 – Continuity of Operations Planning Standard
2.2 IT Disaster Recovery Planning | | ODU Standard 03.3.2 – Disaster Recovery – Business Continuity Plan Standard
2.3 IT System & Data Backup & Restoration | | ODU Standard 03.4.2 – IT System and Data Backup and Restoration Standard

3 IT Systems Security
3.1 IT System Hardening | | ODU Standard 04.3.3 – Server Management Standard
3.2 IT Systems Interoperability Security | | ODU Standard 01.6.0 – IT System Interoperability Security Standard
3.3 Malicious Code Protection | | ODU Standard 04.5.2 – Malicious Code Protection Standard
3.4 IT Systems Development Life Cycle Security | In Place | ODU Standard 04.6.2 – Project Management Standard; OCCS Procedure 04.1.1 – IS&DA Project Management Procedure

4 Logical Access Control
4.1 Account Management | | ODU Standard 05.2.2 – Account Management Standard; OCCS Procedure 05.2.2 – Account Management Procedure
4.2 Password Management | | ODU Standard 05.2.2 – Account Management Standard; OCCS Procedure 05.2.2 – Account Management Procedure
4.3 Remote Access | | ODU Standard 05.4.1 – Remote Access Standard

5 Data Protection
5.1 Data Storage Media Protection | | ODU Standard 06.2.2 – Data Storage Media Protection Standard
5.2 Encryption | | ODU Standard 06.3.2 – Encryption Usage and Key Escrow Standard

6 Facilities Security
6.1 Facilities Security | | ODU Standard 07.2.1 – Facilities Security Standard

7 Personnel Security
7.1 Access Determination & Control | In Place | ODU Standard 08.2.2 – Access Determination and Control Standard
7.2 IT Security Awareness & Training | In Place | ODU Guideline 08.3.2 – Security Training Program
7.3 Acceptable Use | In Place | ODU Standard 08.4.2 – Acceptable Use Standard

8 Threat Management
8.1 Threat Detection | In Place | ODU Standard 09.2.2 – Threat Detection Standard
8.2 Incident Handling | In Place | ODU Standard 09.4.2 – IT Security Incident Handling Standard
8.3 Security Monitoring & Logging | | ODU Standard 09.3.2 – Security Monitoring and Logging Standard

9 IT Asset Management
9.1 IT Asset Control | In Place | ODU Standard 10.2.1 – IT Asset Control Standard
9.2 Software License Management | | ODU Standard 10.2.2 – Software License Standard
9.3 Configuration Management & Change Control | In Place | ODU Standard 10.4.1 – Change Management Standard

Table F correlates the risks identified in Table D with the relevant IT security controls documented in Table E and with other mitigating or exacerbating factors.

Table F: Risks-Controls-Factors Correlation

Risk 1
  Risk summary: Exploitation of flaws in application software could result in compromise of confidentiality and integrity of corporate data.
  Relevant controls and other factors: The OCCS Server Management Standard requires that application software changes be applied after undergoing a risk-benefit analysis. Patches and updates are obtained only from the vendor and applied on an as-needed basis.

Risk 2
  Risk summary: Exploitation of flaws in operating system software could result in compromise of confidentiality and integrity of corporate data.
  Relevant controls and other factors: The OCCS Server Management Standard requires that operating system changes be applied after undergoing a risk-benefit analysis. Patches and updates are obtained only from reputable and confirmed sources and applied on an as-needed basis.

Risk 3
  Risk summary: Remote access currently set to… <specify current controls>. If these controls are not in place, unauthorized access could result in compromise of confidentiality and integrity of <what> data.
  Relevant controls and other factors: Remote access is only allowed <how for this system>; firewall rules have to be in place for a server connection to be completed. (Was any vendor access temporarily granted, and how will this be handled?)

Risk 4
  Risk summary: Multiple firewall failures would have to occur for this event to happen, resulting in compromise of confidentiality and integrity of corporate data.
  Relevant controls and other factors: Port security at the host level will prevent access should this occur.

Risk 5
  Risk summary: Loss or theft of data from the server could result in compromise of confidentiality and integrity of corporate data.
  Relevant controls and other factors: Internal access from OCCS is tightly regulated based on Access Control Policy 3501.

Risk 6
  Risk summary: Loss of hardware or equipment would result in the system or some portion of the system being unavailable.
  Relevant controls and other factors: How is this eventuality addressed by design, policy, or stated practice…

Risk 7
  Risk summary: Loss of any portion of the system would result in the system or some portion of the system being unavailable.
  Relevant controls and other factors: All hardware and software associated with the system is under <what support contract>, <and supported by on-call staff>.

Risk 8
  Risk summary: Exploitation of flaws in software could result in compromise of confidentiality and integrity of data.
  Relevant controls and other factors: Control 3.4 requires customer testing and approval of all application upgrades to the system. All applications are tested and approved by customers prior to being placed into production, as documented in the IS&DA Project Management Standard. All databases are maintained at appropriate security levels and all operating systems are maintained at supported levels.

Risk 9
  Risk summary: Loss of a key person could result in system downtime if a software issue occurred, or in the inability to enhance or maintain the system's functionality.
  Relevant controls and other factors: <Who or what role> is available to assist as needed, and the vendor provides application support services for a fee.

Risk 10
  Risk summary: Loss of documentation, software, or data could result in data compromise and temporary disruption in service, or in the inability to restore services which have been lost.
  Relevant controls and other factors: All data is recoverable from system backups and the system can be rebuilt. All licenses are copied to <where>. All documentation and original application code are available from the vendor through online access and off-site at <where>.

Risk 11
  Risk summary: Capture of clear text data could result in identity theft and/or system access control issues.
  Relevant controls and other factors: No sensitive data is transmitted from the system in clear text. All data is encrypted, and OCCS is in the process of completing Interoperability Security Agreements with all entities receiving data from this system. Refer to (1) the Data Classification policy and standard, (2) the Acceptable Use Standard, and (3) the Encryption Standard.

Risk 12
  Risk summary: Disclosure of sensitive personal information could result in identity theft and/or system access control issues.
  Relevant controls and other factors: No data will be disclosed to anyone unless they have a true operational need for the data. Refer to (1) the Data Classification policy and standard and (2) the Acceptable Use Standard.

Risk 13
  Risk summary: Data corruption or loss, or implementation of applications with errors, could result from improper or incomplete testing of system or application changes.
  Relevant controls and other factors: Control 3.4 requires customer testing and approval of all application upgrades to the system. All applications are tested and approved by customers prior to being placed into production, as documented in the IS&DA Project Management Standard. All databases are maintained at appropriate security levels and all operating systems are maintained at supported levels.

Risk 14
  Risk summary: Data corruption or loss could result from improper or incomplete testing of system changes or from inadequate system management/monitoring.
  Relevant controls and other factors: Same as Risk 13 (Control 3.4; customer testing and approval per the IS&DA Project Management Standard; databases and operating systems maintained at appropriate and supported levels).

Risk 15
  Risk summary: Data corruption or loss could result from improper or incomplete testing of application changes.
  Relevant controls and other factors: Same as Risk 13.

Risk 16
  Risk summary: Software issues caused by the vendor could lead to data corruption or to mission-critical system disruption or dysfunction.
  Relevant controls and other factors: Same as Risk 13.

Risk 17
  Risk summary: Poor password practices could allow improper system access, which could result in data theft, data corruption, application system alteration, or disruption.
  Relevant controls and other factors: OCCS has implemented the Access Control Policy (3501), the Account Management Standard (5.2.2), and the Password Management Standard (5.3.2). Controls 4.1 and 4.2 require that strong account and password management practices be in place for the system.

Risk 18
  Risk summary: Compromise of the system could result in data theft, data corruption, application system alteration, or disruption.
  Relevant controls and other factors: Internal access from OCCS is tightly regulated based on Access Control Policy 3501.

Risk 19
  Risk summary: Lack of, or improper execution of, sufficient operational policies could result in data theft, data corruption, application system alteration, or disruption.
  Relevant controls and other factors: All account holders must sign the Acceptable Usage Agreement annually. Security awareness training is required of all users annually. OCCS maintains a robust security infrastructure to protect corporate data and ensures that all applicable security, database, and application patches are properly tested and applied as required. OCCS has numerous policies, standards, and procedures in these areas.

Risk 20
  Risk summary: Poor physical security could allow personal access to staff workstations or Computer Center assets, which could result in data theft, data corruption, application system alteration, or disruption.
  Relevant controls and other factors: Control 6.1 requires secure computing facilities. The central facility is card controlled, allowing access only to staff who require it to carry out their duties. A secondary factor is the risk associated with gaining access to the client application from the client location. Physical access to the client buildings, workstation areas, and networks is adequately protected.

Risk 21
  Risk summary: The inability of staff to access the computing infrastructure or applications could result in the inability to access the system.
  Relevant controls and other factors: The communications infrastructure for on- and off-campus access is maintained by central IT staff and uses redundant server infrastructure to guard against a single point of failure for application access. OCCS maintains additional hardware which could be quickly reconfigured and placed into service, and maintains vendor relations sufficient to obtain replacement hardware in a short amount of time.

Risk 22
  Risk summary: Environmental issues could result in the inability to access and maintain server hardware.
  Relevant controls and other factors: Controls 2.1, 2.2, and 2.3 address the need for contingency planning in the event the central facility becomes unable to support critical systems. The university Physical Plant is responsible for the care and maintenance of the environmental systems within the central computing facility. When needed, vendors are brought in to address environmental issues. If the environmental impact of an event is sufficient to render the central computing facility unusable, the disaster recovery site would be activated and critical systems accessed from that location.

Risk 23
  Risk summary: Natural disasters could interrupt power to the Computer Center and make it impossible for staff to support the server environment, thus disabling access to the system.
  Relevant controls and other factors: Controls 2.1, 2.2, and 2.3 address the need for contingency planning in the event the central facility becomes unable to support critical systems. A sufficiently large natural disaster, such as a hurricane, will be disruptive to the entire Tidewater area. As soon as it is safe for staff to do so, the impact of the natural disaster will be assessed and the necessary actions taken to restore access to the system. This could require transfer of work to the disaster recovery site if the central facility could not support the application.
Risk 24
  Risk summary:
  Relevant controls and other factors:

Risk 25
  Risk summary:
  Relevant controls and other factors:

5 RISK LIKELIHOOD DETERMINATION

Table G defines the risk likelihood ratings. The row is the effectiveness of the controls in place; the column is the probability of threat occurrence (for natural or environmental threats) or the threat's motivation and capability (for human threats).

Table G: Risk Likelihood Definitions

                            Probability of Threat Occurrence / Threat Motivation and Capability
Effectiveness of Controls   Low        Moderate   High
Low                         Moderate   High       High
Moderate                    Low        Moderate   High
High                        Low        Low        Moderate

Table H evaluates the effectiveness of controls and the probability, or motivation and capability, of each threat, and assigns a likelihood, as defined in Table G, to each risk documented in Table D.

Table H: Risk Likelihood Ratings

Risk 1
  Risk summary: Exploitation of flaws in application software could result in compromise of confidentiality and integrity of corporate data.
  Risk likelihood evaluation: Effectiveness of controls to apply application software patches is rated as moderate, due to the nature of the application. Threat occurrence is rated as low due to multiple firewalls being in place to prevent inappropriate access.
  Risk likelihood rating: Low

Risk 2
  Risk summary: Exploitation of flaws in operating system software could result in compromise of confidentiality and integrity of this data.
  Risk likelihood evaluation: Effectiveness of controls to apply operating system patches is rated as high, due to the nature of the application. Threat occurrence is rated as moderate, since any authorized end user could gain access to the system and exploit an operating system flaw.
  Risk likelihood rating: Low

Risk 3
  Risk summary: Remote access currently set to… <specify current controls>. If these controls are not in place, unauthorized access could result in compromise of confidentiality and integrity of <what> data.
  Risk likelihood evaluation: Internal usage of remote access to the server is tightly regulated, resulting in a highly effective control. Monitoring of vendor access, though, is low. The threat occurrence from vendor access is low.
  Risk likelihood rating: Moderate

Risk 4
  Risk summary: Multiple firewall failures would have to occur for this event to happen, resulting in compromise of confidentiality and integrity of corporate data.
  Risk likelihood evaluation: Effectiveness of controls on firewall software and firmware is high. Threat probability is low to moderate, depending on what access an outside threat can initiate against the firewall devices.
  Risk likelihood rating: Low

Risk 5
  Risk summary: Loss or theft of data from the server could result in compromise of confidentiality and integrity of corporate data.
  Risk likelihood evaluation: Effectiveness of controls regulating access to the servers is very stringent, based on need-to-know, resulting in a high rating. Threat probability is moderate due to the human factor that has to be taken into consideration.
  Risk likelihood rating: Low

Risk 6
  Risk summary: Loss of hardware or equipment would result in the system or some portion of the system being unavailable.
  Risk likelihood evaluation: The servers and related hardware used by the system are effectively monitored and maintained. All hardware components are under warranty with short-response vendor service agreements. If needed, hardware would be replaced by vendors in a timely manner to make the system available.
  Risk likelihood rating: Low

Risk 7
  Risk summary: Loss of any portion of the system would result in the entire system or some portion of the system being unavailable.
  Risk likelihood evaluation: The system is comprised of modules which perform specific functions. If any of these modules becomes compromised, the system would be impacted. The system is sufficiently monitored to identify this type of occurrence. Also, applications are adequately tested before being placed into production to ensure the interactions of the applications are correct.
  Risk likelihood rating: Low

Risk 8
  Risk summary: Exploitation of flaws in software could result in compromise of confidentiality and integrity of data.
  Risk likelihood evaluation: The review and implementation process for applications is well documented and followed whenever a production application is changed. Customer testing and sign-off are required before a new version of the application is moved to production. This testing involves the review of all related portions of the application. The technical and functional leads for the system monitor fixes and releases for issues which could lead to exploits of the system.
  Risk likelihood rating: Low

Risk 9
  Risk summary: Loss of a key person could result in system downtime if a software issue occurred, or in the inability to enhance or maintain the system's functionality.
  Risk likelihood evaluation: It is always possible for key staff to leave the University. This could be functional or technical staff. Systems support staff are cross-trained on all supported systems to provide redundancy.
  Risk likelihood rating: Low

Risk 10
  Risk summary: Loss of documentation, software, or data could result in data compromise and temporary disruption in service.
  Risk likelihood evaluation: All software and data are backed up and secured on a daily basis. All documentation and baseline versions of the software are available from the vendor through a download process.
  Risk likelihood rating: Low

Risk 11
  Risk summary: Capture of clear text data could result in identity theft and/or system access control issues.
  Risk likelihood evaluation: Security awareness training and the acceptable usage policy stress the need to properly secure corporate data. All data has been properly classified and the classifications made available to appropriate personnel. All data exchange processes are reviewed to ensure no data is being transmitted in clear text.
  Risk likelihood rating: Low

Risk 12
  Risk summary: Disclosure of sensitive personal information could result in identity theft and/or system access control issues.
  Risk likelihood evaluation: Because of staff education and effective monitoring, the possibility of personal information disclosure is low. Effective security awareness training, the use of the acceptable usage statement, and constant reminders to staff through electronic means will continue to reinforce this message. Even effective controls and training cannot stop a person with appropriate access from doing something wrong. For that reason, this must be considered a moderate risk.
  Risk likelihood rating: Moderate

Risk 13
  Risk summary: Data corruption or loss, or implementation of applications with errors, could result from improper or incomplete testing of system or application changes.
  Risk likelihood evaluation: The review and implementation process for system and application changes is well documented and followed whenever a production application is changed. Customer testing and sign-off are required before a new version of the application is moved to production. This testing involves the review of all related portions of the application. The technical and functional leads for the system monitor patches and releases for issues which could lead to exploits of the system.
  Risk likelihood rating: Low

Risk 14
  Risk summary: Data corruption or loss could result from improper or incomplete testing of system changes or from inadequate system management/monitoring.
  Risk likelihood evaluation: The UNIX support group is responsible for the maintenance of the operating systems used by the system, and the database administration group maintains the databases and the associated security of the systems. All upgrades are placed into a test environment and reviewed prior to being placed into the production environment. All upgrades are planned and monitored. Back-out procedures are followed if an upgrade is not successful.
  Risk likelihood rating: Low

Risk 15
  Risk summary: Data corruption or loss could result from improper or incomplete testing of application changes.
  Risk likelihood evaluation: All applications are tested and approved by customers prior to being placed into production, as documented in the IS&DA Project Management Standard. All databases are maintained at appropriate security levels and all operating systems are maintained at supported levels. The IS&DA Project Management Procedure outlines the steps taken to ensure the applications being placed into production are as accurate as possible.
  Risk likelihood rating: Low

Risk 16
  Risk summary: Software issues caused by the vendor could lead to data corruption or to mission-critical system disruption or dysfunction.
  Risk likelihood evaluation: All patches, updates, and releases are thoroughly reviewed by the technical and functional leads prior to being placed into the test environment. All changes to the system are thoroughly tested, and customer sign-off is required prior to the change being placed into production. The system is closely monitored through daily use to ensure no issues arise from vendor-supplied changes.
  Risk likelihood rating: Moderate

Risk 17
  Risk summary: Poor password practices could allow improper system access, which could result in data theft, data corruption, application system alteration, or disruption.
  Risk likelihood evaluation: Security awareness training, the acceptable usage policy, and the access control policy all stress the proper care of passwords. The functional areas are very aware of the need to secure their data and to properly protect passwords.
  Risk likelihood rating: Low

Risk 18
  Risk summary: Compromise of the system could result in data theft, data corruption, application system alteration, or disruption.
  Risk likelihood evaluation: The system is protected by firewalls that prohibit unauthorized access. The systems are closely monitored for misuse and unauthorized access. Security awareness training, the acceptable usage policy, and the access control policy all stress the proper care of passwords and the need to maintain the security of the system.
  Risk likelihood rating: Low

Risk 19
  Risk summary: Lack of, or improper execution of, sufficient operational policies could result in data theft, data corruption, application system alteration, or disruption.
  Risk likelihood evaluation: Sufficient operational policies and monitoring techniques have been implemented to protect the integrity of the system and the confidentiality of the data it uses.
  Risk likelihood rating: Low

Risk 20
  Risk summary: Poor physical security could allow personal access to staff workstations or Computer Center assets, which could result in data theft, data corruption, application system alteration, or disruption.
  Risk likelihood evaluation: All access to the Computer Center offices and computer room is card controlled.
Only staff requiring access is granted the level of access needed. Low 21 The inability of staff to access the computing infrastructure or applications could result in the inability to access the system. All systems are closely monitored by the operations staff and supported by the network, database and application staffs. In the unlikely event access if unavailable to the system, operations will contact the appropriate support staff to have the problem resolved and access restored as quickly as possible. Low 22 Environmental issues could result in the inability to access and maintain server hardware. The Computer Center has a redundant power supply comprised of battery backup and a generator. In the event of a power loss, these power sources are automatically activated. Other environmental aspects of the server room are maintained by physical plant or external vendors who respond to address and resolve issues. Low 23 Natural disasters could interrupt power to the Computer Center and make it impossible for staff to support the server environment thus disabling access to the system. Old Dominion University is located in the southeastern area of Virginia and is very close to the Atlantic Ocean. Because of this proximity to the ocean, the Tidewater area is susceptible to hurricanes. Should a sufficiently intense storm hit the Tidewater area, there will be widespread destruction and power outages. Although possible, the likelihood of ODU being affected by this type of occurrence is historically low. Low 24 25 6 Risk Likelihood Rating IMPACT ANALYSIS 18 Risk Assessment Report Table I documents the ratings used to evaluate the impact of risks. Table I: Risk Impact Rating Definitions Magnitude of Impact High Occurrence of the risk: (1) may result in human death or serious injury; (2) may result in the loss of major COV tangible assets, resources or sensitive data; or (3) may significantly harm, or impede the COV’s mission, reputation or interest. 
Moderate Low Impact Definition Occurrence of the risk: (1) may result in human injury; (2) may result in the costly loss of COV tangible assets or resources; or (3) may violate, harm, or impede the COV’s mission, reputation or interest. Occurrence of the risk: (1) may result in the loss of some tangible COV assets or resources or (2) may noticeably affect the COV’s mission, reputation or interest. Table J documents the results of the impact analysis, including the estimated impact for each risk identified in Table D and the impact rating assigned to the risk. Table J: Risk Impact Analysis Risk No. 1 2 3 4 5 Risk Impact Rating Risk Summary Risk Impact Exploitation of flaws in application software could result in compromise of confidentiality and integrity of corporate data. Exploitation of flaws in operating system software could result in compromise of confidentiality and integrity of corporate data. Remote access currently set to… <specify current controls>. If these controls are not in place, unauthorized access could result in compromise of confidentiality and integrity of <what> data. Multiple firewall failures would have to occur in order for this even to happen, resulting in compromise of confidentiality and integrity of corporate data. Loss or theft of data from server could result in compromise of confidentiality and integrity of corporate data. Unauthorized disclosure or modification of data. High Unauthorized disclosure or modification of data. High Unauthorized disclosure or modification of data. High Unauthorized disclosure or modification of data. High Unauthorized disclosure or modification of data. High 6 Hardware Issues/Equipment Failure or loss Confidentiality and integrity of corporate data could be compromised. Low 7 Single Point of Failure Inability to access the system. Low 8 Poor Systems Administration Practices External to Information systems and Database Administration Confidentiality and integrity of the data could be compromised. 
Low 9 Key Person Dependency Inability to adequately support the system. Low 10 Loss of Critical Documentation, Data or Software Confidentiality and integrity of corporate data could be compromised. Low 19 Risk Assessment Report Risk No. Risk Summary Risk Impact Risk Impact Rating 11 Clear Text Transmission of Critical Data Confidentiality of corporate data could be compromised. Low 12 Data Disclosure Confidentiality of corporate data could be compromised. Moderate Inadequate Customer Practices Unauthorized disclosure or modification of data. Low Inadequate Database Support Confidentiality and integrity of corporate data could be compromised. Inability to access the system. Inability to recover corporate data. Low Inadequate Applications Support Inability to adequately support the system. Low Software Issues from Vendor Confidentiality of corporate data could be compromised. Ability to provide services to the campus could be compromised. Moderate 17 Poor Password Practices Confidentiality and integrity of corporate data could be compromised. Low 18 System Compromise Confidentiality and integrity of corporate data could be compromised. Low 19 Lack of Sufficient Operational Policies Confidentiality and integrity of corporate data could be compromised. Low 20 Poor Physical Security Confidentiality and integrity of corporate data could be compromised. Low 21 Functional Lockout Inability to access the system. Low 22 Environmental Issues Inability to access the system. Low Inability to access the system. Low 13 14 15 16 23 Natural Disaster 24 25 20 Risk Assessment Report 7 RISK DETERMINATION Table K documents the criteria used in determining overall risk ratings. 
Table K: Overall Risk Rating Matrix

Risk Likelihood \ Risk Impact | Low (10) | Moderate (50) | High (100)
High (1.0) | Low (10 x 1.0 = 10) | Moderate (50 x 1.0 = 50) | High (100 x 1.0 = 100)
Moderate (0.5) | Low (10 x 0.5 = 5) | Moderate (50 x 0.5 = 25) | Moderate (100 x 0.5 = 50)
Low (0.1) | Low (10 x 0.1 = 1) | Low (50 x 0.1 = 5) | Low (100 x 0.1 = 10)

Risk Scale: Low (1 to 10); Moderate (>10 to 50); High (>50 to 100)

Table L assigns an overall risk rating, as defined in Table K, to each of the risks documented in Table D.

Table L: Overall Risk Ratings Table

Risk No. | Risk Summary | Risk Likelihood Rating | Risk Impact Rating | Overall Risk Rating
1 | Exploitation of flaws in application software could result in compromise of confidentiality and integrity of corporate data. | Low | High | Low
2 | Exploitation of flaws in operating system software could result in compromise of confidentiality and integrity of corporate data. | Low | High | Low
3 | Remote access currently set to… <specify current controls>. If these controls are not in place, unauthorized access could result in compromise of confidentiality and integrity of <what> data. | Moderate | High | Moderate
4 | Multiple firewall failures would have to occur in order for this event to happen, resulting in compromise of confidentiality and integrity of corporate data. | Low | High | Low
5 | Loss or theft of data from the server could result in compromise of confidentiality and integrity of corporate data. | Low | High | Low
6 | Hardware Issues/Equipment Failure or Loss | Low | High | Low
7 | Single Point of Failure | Low | High | Low
8 | Poor Systems Administration Practices External to Information Systems and Database Administration | Low | High | Low
9 | Key Person Dependency | Low | High | Low
10 | Loss of Critical Documentation, Data or Software | Low | High | Low
11 | Clear Text Transmission of Critical Data | Low | High | Low
12 | Data Disclosure | Moderate | High | Moderate
13 | Inadequate Customer Practices | Low | Moderate | Low
14 | Inadequate Database Support | Low | High | Low
15 | Inadequate Applications Support | Low | High | Low
16 | Software Issues from Vendor | Moderate | High | Moderate
17 | Poor Password Practices | Low | High | Low
18 | System Compromise | Low | High | Low
19 | Lack of Sufficient Operational Policies | Low | Moderate | Low
20 | Poor Physical Security | Low | High | Low
21 | Functional Lockout | Low | Moderate | Low
22 | Environmental Issues | Low | High | Low
23 | Natural Disaster | Low | High | Low
24 | (no entry) | | |
25 | (no entry) | | |

8 RECOMMENDATIONS

Table M documents recommendations for the risks identified in Table D.

Table M: Recommendations

Risk 1
Risk: Exploitation of flaws in application software could result in compromise of confidentiality and integrity of corporate data.
Risk Rating: Low
Recommendations: Even though the risk is low, it is important to review and implement any vendor-provided patches and upgrades in a timely manner.

Risk 2
Risk: Exploitation of flaws in operating system software could result in compromise of confidentiality and integrity of corporate data.
Risk Rating: Low
Recommendations: Even though the risk is low, it is important to review and implement any recommended patches and upgrades from reputable and confirmed sources in a timely manner.

Risk 3
Risk: Remote access currently set to… <specify current controls>. If these controls are not in place, unauthorized access could result in compromise of confidentiality and integrity of <what> data.
Risk Rating: Moderate
Recommendations: The technical support staff for this system will coordinate with the Networks group (who set up access permissions in all ODU firewalls) on when to enable and disable vendor access. Access will be restricted to static IP addresses. All requests to the Networks group will be made by email, to ensure an audit trail. In addition, the vendor account on the server will be enabled only when required, then disabled when the access need has been completed.

Risk 4
Risk: Multiple firewall failures would have to occur in order for this event to happen, resulting in compromise of confidentiality and integrity of corporate data.
Risk Rating: Low
Recommendations: No recommendations at this time.

Risk 5
Risk: Loss or theft of data from the server could result in compromise of confidentiality and integrity of corporate data.
Risk Rating: Low
Recommendations: Access to server console functions will be limited to the technical support staff for this system, and only when required.

Risk 6
Risk: Hardware Issues/Equipment Failure or Loss
Risk Rating: Low
Recommendations: Even though the risk is low, the system can be rebuilt from backups.

Risk 7
Risk: Single Point of Failure
Risk Rating: Low
Recommendations: Even though the risk is low, the system can be rebuilt from backups.

Risk 8
Risk: Poor Systems Administration Practices External to Information Systems and Database Administration
Risk Rating: Low
Recommendations: Even though the risk is low, it is important to review and implement any recommended patches and upgrades from reputable and confirmed sources in a timely manner.

Risk 9
Risk: Key Person Dependency
Risk Rating: Low
Recommendations: Even though the risk is low, it is important that all personnel within their respective functional area keep current on all aspects of their area.

Risk 10
Risk: Loss of Critical Documentation, Data or Software
Risk Rating: Low
Recommendations: Annual review of access requirements for employees.

Risk 11
Risk: Clear Text Transmission of Critical Data
Risk Rating: Low
Recommendations: OCCS utilizes secure methods when available, and is currently reviewing all data transmission jobs to ensure secure methods are in use or to put them in place where necessary.

Risk 12
Risk: Data Disclosure
Risk Rating: Moderate
Recommendations: Annual review of access requirements for employees.

Risk 13
Risk: Inadequate Customer Practices
Risk Rating: Low
Recommendations: Ensure adherence to OCCS SDLC standards and review of customer test plans.

Risk 14
Risk: Inadequate Database Support
Risk Rating: Low
Recommendations: Adherence to OCCS SDLC standards and review of vendor-recommended upgrades for database environments.

Risk 15
Risk: Inadequate Applications Support
Risk Rating: Low
Recommendations: Adherence to OCCS SDLC standards and review of vendor-recommended upgrades.
Risk 16
Risk: Software Issues from Vendor
Risk Rating: Moderate
Recommendations: Renew annual maintenance agreements; ensure no unsupported releases are currently in use.

Risk 17
Risk: Poor Password Practices
Risk Rating: Low
Recommendations: Ensure validations are in place to prevent password re-use, make sure passwords are checked for sensitivity and risk, and expire passwords after a predetermined time.

Risk 18
Risk: System Compromise
Risk Rating: Low
Recommendations: Maintain all system components at appropriate release levels and closely monitor the system for unauthorized access. Continue security awareness training and monthly and annual system account reviews, and make all account holders accept the acceptable usage agreement annually.

Risk 19
Risk: Lack of Sufficient Operational Policies
Risk Rating: Low
Recommendations: Ensure all operational policies, standards and procedures are maintained and followed.

Risk 20
Risk: Poor Physical Security
Risk Rating: Low
Recommendations: Monitor access to secured areas within OCCS. Ensure all related policies, standards and procedures are maintained and followed.

Risk 21
Risk: Functional Lockout
Risk Rating: Low
Recommendations: Maintain all system components at appropriate release levels and closely monitor the system for issues. Have a plan in place for the replacement of hardware on short notice, if needed.

Risk 22
Risk: Environmental Issues
Risk Rating: Low
Recommendations: Maintain equipment at optimum efficiency, replace equipment on the manufacturer’s recommended cycle, and maintain contracts for equipment maintenance.

Risk 23
Risk: Natural Disaster
Risk Rating: Low
Recommendations: Maintain and test disaster recovery plans.

Risk 24: (no entry)
Risk 25: (no entry)

9 RESULTS DOCUMENTATION

Exhibit 1: Risk Assessment Matrix

Risk 1
Vulnerability: Patches to correct flaws in application software not installed.
Threat: Computer crime, malicious use, system compromise, unauthorized access.
Risk: Confidentiality and integrity of corporate data.
Risk Summary: Exploitation of flaws in application software could result in compromise of confidentiality and integrity of corporate data.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: The OCCS Server Management Standard requires that application software changes be applied after undergoing a risk-benefit analysis. Patches and updates are obtained only from the vendor and applied on an as-needed basis.
Recommendations: Even though the risk is low, it is important to review and implement any vendor-provided patches and upgrades in a timely manner.

Risk 2
Vulnerability: Patches to correct flaws in operating system software not installed.
Threat: Computer crime, malicious use.
Risk: Confidentiality and integrity of corporate data.
Risk Summary: Exploitation of flaws in operating system software could result in compromise of confidentiality and integrity of corporate data.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: The OCCS Server Management Standard requires that operating system changes be applied after undergoing a risk-benefit analysis. Patches and updates are obtained only from reputable and confirmed sources and applied on an as-needed basis.
Recommendations: Even though the risk is low, it is important to review and implement any recommended patches and upgrades from reputable and confirmed sources in a timely manner.

Risk 3
Vulnerability: Remote access to server console not properly monitored.
Threat: System compromise, unauthorized access.
Risk: Confidentiality and integrity of corporate data.
Risk Summary: Remote access currently set to… <specify current controls>. If these controls are not in place, unauthorized access could result in compromise of confidentiality and integrity of <what> data.
Risk Likelihood Rating: Moderate
Risk Impact Rating: High
Overall Risk Rating: Moderate
Analysis of Relevant Controls and Other Factors: Remote access is only allowed for specific machines with static IP addresses. Firewall rules have to be in place in order for a server connection to be completed. The current process is adequate for internal usage; termination of vendor usage needs to be monitored more stringently.
Recommendations: The systems technical support staff will coordinate with the Networks group (who set up access permissions in all ODU firewalls) on when to enable and disable vendor access. Access will be restricted to static IP addresses. All requests to the Networks group will be made by email, to ensure an audit trail. In addition, the vendor account on the server will be enabled only when required, then disabled when the access need has been completed.

Risk 4
Vulnerability: Loss of firewall protection.
Threat: Computer crime, malicious use, system compromise, unauthorized access.
Risk: Confidentiality and integrity of corporate data.
Risk Summary: Multiple firewall failures would have to occur in order for this event to happen, resulting in compromise of confidentiality and integrity of corporate data.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: This risk is highly unlikely to occur in that it would require the failure of all firewalls in place, allowing access to the database server. Host IP filtering is in place on the protected database servers to prevent connectivity.
Recommendations: No recommendations at this time.

Risk 5
Vulnerability: Internal access to server.
Threat: Computer crime, malicious use, unauthorized access.
Risk: Confidentiality and integrity of corporate data.
Risk Summary: Loss or theft of data from the server could result in compromise of confidentiality and integrity of corporate data.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: Internal access from OCCS is tightly regulated based on Access Control Policy 3501.
Recommendations: Access to server console functions will be limited to the systems technical support staff, and only when required. Any time any individual accesses the console function on the servers, the Assistant Director will be notified of the reason for the access. Specific accounts for each individual will be set up so as to eliminate the use of the administrator’s account.

Risk 6
Vulnerability: Hardware Issues/Equipment Failure or Loss
Threat: System unavailable.
Risk: System availability.
Risk Summary: Low due to redundancy built into the source system.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: OCCS maintains adequate database server backups which can be used to rebuild this system.
Recommendations: Even though the risk is low, backups should be maintained in case of hardware issues.

Risk 7
Vulnerability: Single Point of Failure
Threat: System unavailable.
Risk: System availability.
Risk Summary: Low due to redundancy built into the source system.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: OCCS maintains backup servers and a disaster recovery site set up to run mission-critical applications as needed.
Recommendations: Even though the risk is low, backups should be maintained.

Risk 8
Vulnerability: Poor Systems Administration Practices External to Information Systems and Database Administration
Threat: Computer crime, malicious use, system compromise, unauthorized access.
Risk: Confidentiality and integrity of corporate data.
Risk Summary: Exploitation of flaws in software could result in compromise of confidentiality and integrity of data.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: The OCCS Server Management Standard requires that software changes be applied after undergoing a risk-benefit analysis. Patches and updates are obtained only from reputable and confirmed sources and applied on an as-needed basis.
Recommendations: Even though the risk is low, it is important to review and implement any recommended patches and upgrades from reputable and confirmed sources in a timely manner.

Risk 9
Vulnerability: Key Person Dependency
Threat: System unavailability.
Risk: System unavailability.
Risk Summary: Loss of a key person could result in system downtime if a software issue occurred.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: All functional areas have backup personnel familiar with their respective applications.
Recommendations: Even though the risk is low, it is important that all personnel within their respective functional area keep current on all aspects of their area.

Risk 10
Vulnerability: Loss of Critical Documentation, Data or Software
Threat: Computer crime, malicious use, system compromise, unauthorized access.
Risk: Confidentiality and integrity of corporate data.
Risk Summary: Loss of the identified vulnerability could result in data compromise and temporary disruption in service.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: The OCCS Access Control Policy restricts employees to only the data relevant to their daily jobs. The system can be rebuilt.
Recommendations: Annual review of access requirements for employees.

Risk 11
Vulnerability: Clear Text Transmission of Critical Data
Threat: Computer crime, malicious use of data.
Risk: Confidentiality and integrity of PII.
Risk Summary: Capture of clear text data could result in identity theft and/or system access control issues.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: OCCS utilizes secure methods when available, and is currently reviewing all data transmission jobs to ensure secure methods are in use or to put them in place where necessary.
Recommendations: OCCS utilizes secure methods when available, and is currently reviewing all data transmission jobs to ensure secure methods are in use or to put them in place where necessary.

Risk 12
Vulnerability: Data Disclosure
Threat: Computer crime, malicious use of data.
Risk: Confidentiality and integrity of PII.
Risk Summary: Could result in identity theft and/or system access control issues.
Risk Likelihood Rating: Moderate
Risk Impact Rating: High
Overall Risk Rating: Moderate
Analysis of Relevant Controls and Other Factors: The OCCS Access Control Policy and security policies should minimize the likelihood of this event occurring.
Recommendations: Annual review of access requirements for employees.

Risk 13
Vulnerability: Inadequate Customer Practices
Threat: Corruption or loss of critical data.
Risk: Confidentiality and integrity of corporate data.
Risk Summary: Data corruption or loss could result from improper or incomplete testing of system changes.
Risk Likelihood Rating: Low
Risk Impact Rating: Moderate
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: OCCS requires customer acceptance sign-offs for all software changes. This is part of the system development life cycle.
Recommendations: Ensure adherence to OCCS SDLC standards and review of customer test plans.

Risk 14
Vulnerability: Inadequate Database Support
Threat: Corruption or loss of critical data or applications.
Risk: Confidentiality and integrity of data.
Risk Summary: Data corruption or loss could result from improper or incomplete testing of system changes or system management/monitoring.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: OCCS has a staff of DBAs to monitor and manage all database environments for potential issues and problems. They also review software patches and apply them as needed in order to reduce the exposure of the University to known issues.
Recommendations: Adherence to OCCS SDLC standards and review of vendor-recommended upgrades for the database environments.

Risk 15
Vulnerability: Inadequate Applications Support
Threat: Corruption or loss of critical data or applications.
Risk: Confidentiality and integrity of data.
Risk Summary: Data corruption or loss could result from improper or incomplete testing of system changes.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: OCCS has a staff of application developers that follow industry-accepted SDLC guidelines. Each functional area has a backup who is capable of providing support in the absence of other team members.
Recommendations: Adherence to OCCS SDLC standards and review of vendor-recommended upgrades.

Risk 16
Vulnerability: Software Issues from Vendor
Threat: Corruption or loss of critical data or applications.
Risk: Confidentiality and integrity of data.
Risk Summary: Data corruption or mission-critical system disruption.
Risk Likelihood Rating: Moderate
Risk Impact Rating: High
Overall Risk Rating: Moderate
Analysis of Relevant Controls and Other Factors: OCCS has maintenance agreements with the software providers of mission-critical applications.
Recommendations: Renew annual maintenance agreements; ensure no unsupported releases are currently in use.

Risk 17
Vulnerability: Poor Password Practices
Threat: Computer crime, malicious use, system compromise, unauthorized access.
Risk: System availability, confidentiality and integrity of corporate data.
Risk Summary: Data theft, data corruption, application system alteration or disruption.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: OCCS has a password management standard in place to address this vulnerability.
Recommendations: Ensure validations are in place to prevent password re-use, make sure passwords are checked for sensitivity and risk, and expire passwords after a predetermined time.

Risk 18
Vulnerability: System Compromise
Threat: Computer crime, malicious use, unauthorized access.
Risk: Confidentiality and integrity of corporate data.
Risk Summary: Compromise of the system could result in data theft, data corruption, application system alteration or disruption.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: Internal access from OCCS is tightly regulated based on Access Control Policy 3501.
Recommendations: Maintain all system components at appropriate release levels and closely monitor the system for unauthorized access. Continue security awareness training and monthly and annual account reviews, and make all account holders accept the acceptable usage agreement annually.

Risk 19
Vulnerability: Lack of Sufficient Operational Policies
Threat: Computer crime, malicious use, system compromise, unauthorized access.
Risk: Confidentiality and integrity of corporate data.
Risk Summary: Lack of, or improper execution of, sufficient operational policies could result in data theft, data corruption, application system alteration or disruption.
Risk Likelihood Rating: Low
Risk Impact Rating: Moderate
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: All account holders must sign the Acceptable Usage Agreement annually. Security awareness training is required of all users annually. OCCS maintains a robust security infrastructure to protect data and ensures all applicable security, database and application patches are properly tested and applied as required. OCCS has numerous policies, standards and procedures in these areas.
Recommendations: Ensure all operational policies, standards and procedures are maintained and followed.

Risk 20
Vulnerability: Poor Physical Security
Threat: Computer crime, malicious use, system compromise, unauthorized access.
Risk: Confidentiality and integrity of corporate data.
Risk Summary: Poor physical security could allow personal access to staff workstations or Computer Center assets, which could result in data theft, data corruption, application system alteration or disruption.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: Control 6.1 requires secure computing facilities. The central facility is card controlled, allowing access to staff who require it to carry out their duties. A secondary factor is the risk associated with gaining access to the client application from the client location. Physical access to the client buildings, workstation areas and networks is adequately protected.
Recommendations: Monitor access to secured areas within OCCS. Ensure all related policies, standards and procedures are maintained and followed.

Risk 21
Vulnerability: Functional Lockout
Threat: System unavailability.
Risk: Inability to access the system.
Risk Summary: The inability of staff to access the computing infrastructure or applications could result in the inability to access this system.
Risk Likelihood Rating: Low
Risk Impact Rating: Moderate
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: The communications infrastructure for on- and off-campus access is maintained by central IT staff and utilizes redundant server infrastructure to guard against a single point of failure for application access. OCCS maintains additional hardware which could be quickly reconfigured and placed into service, and maintains vendor relations sufficient to get replacement hardware in a short amount of time.
Recommendations: Maintain all system components at appropriate release levels and closely monitor the system for issues. Have a plan in place for the replacement of hardware on short notice, if needed.

Risk 22
Vulnerability: Environmental Issues
Threat: Loss of AC or power.
Risk: Inability to access the system.
Risk Summary: Environmental issues could result in the inability to access and maintain server hardware.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: Controls 2.1, 2.2, and 2.3 address the need for contingency planning in the event the central facility becomes unable to support this system. The university Physical Plant is responsible for the care and maintenance of the environmental systems within the central computing facility. When needed, vendors are brought in to address environmental issues. If the environmental impact of an event is sufficient to render the central computing facility unusable, the disaster recovery site would be activated and any reporting needed would be developed from that source system.
Recommendations: Maintain equipment at optimum efficiency, replace equipment on the manufacturer’s recommended cycle, and maintain contracts for equipment maintenance.

Risk 23
Vulnerability: Natural Disaster
Threat: Hurricanes, floods, and other weather phenomena.
Risk: Inability to access this system.
Risk Summary: Natural disasters could interrupt power to the Computer Center and make it impossible for staff to support the server environment, thus disabling access to the system.
Risk Likelihood Rating: Low
Risk Impact Rating: High
Overall Risk Rating: Low
Analysis of Relevant Controls and Other Factors: Controls 2.1, 2.2, and 2.3 address the need for contingency planning in the event the central facility becomes unable to support the system. A sufficiently large natural disaster, such as a hurricane, will be disruptive to the system and the entire Tidewater area. As soon as it is safe for the staff to do so, the impact of the natural disaster on the system will be assessed and the necessary actions taken to restore access to the system. This could require transfer of work to the disaster recovery site if the central facility could not support the application.
Recommendations: Maintain and test disaster recovery plans. Utilize the DR site for any reporting needed by the University.

Risk 24: (no entry)
Risk 25: (no entry)
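Table K's scoring (impact value multiplied by likelihood weight, then binned on the 1 to 100 scale) is small enough to check mechanically against the ratings recorded in Table L and repeated in Exhibit 1. The following Python script is an added example written for this page; it is not part of the ODU report or its template. It encodes the weights and the risk scale exactly as Table K states them, reproduces the matrix, and re-derives the Overall Risk Rating column of Table L from each risk's likelihood and impact ratings, returning any row whose stated rating disagrees with the arithmetic. The `TABLE_L` rows are transcribed from Table L above; the function and constant names are this example's own, and the rating labels are assumed to be spelled exactly as the report prints them.

```python
"""Overall risk rating per Table K of the ODU risk assessment report.

Added worked example, not part of the original report. It encodes the
likelihood weights, impact values and risk scale stated in Table K and
re-derives the Overall Risk Rating column of Table L from the likelihood
and impact ratings recorded there.
"""

# Table K, as printed: likelihood weights and impact values.
LIKELIHOOD_WEIGHT = {"High": 1.0, "Moderate": 0.5, "Low": 0.1}
IMPACT_VALUE = {"Low": 10, "Moderate": 50, "High": 100}


def risk_score(likelihood: str, impact: str) -> float:
    """Return impact value x likelihood weight (e.g. 100 x 0.5 = 50)."""
    try:
        weight = LIKELIHOOD_WEIGHT[likelihood]
        value = IMPACT_VALUE[impact]
    except KeyError as exc:
        raise ValueError(f"unknown rating: {exc.args[0]}") from None
    # Round away binary-float noise so the boundary scores (10, 50) bin correctly.
    return round(value * weight, 6)


def scale_rating(score: float) -> str:
    """Map a score onto the Table K risk scale:
    Low (1 to 10); Moderate (>10 to 50); High (>50 to 100)."""
    if 1 <= score <= 10:
        return "Low"
    if 10 < score <= 50:
        return "Moderate"
    if 50 < score <= 100:
        return "High"
    raise ValueError(f"score {score} is outside the 1 to 100 risk scale")


def overall_rating(likelihood: str, impact: str) -> str:
    """Overall Risk Rating for one likelihood/impact pair, per Table K."""
    return scale_rating(risk_score(likelihood, impact))


def build_matrix() -> dict:
    """Reproduce Table K: matrix[likelihood][impact] -> (score, rating)."""
    return {
        lk: {im: (risk_score(lk, im), overall_rating(lk, im)) for im in IMPACT_VALUE}
        for lk in LIKELIHOOD_WEIGHT
    }


# Table L as recorded in the report: (risk no., likelihood, impact, stated overall).
TABLE_L = [
    (1, "Low", "High", "Low"), (2, "Low", "High", "Low"),
    (3, "Moderate", "High", "Moderate"), (4, "Low", "High", "Low"),
    (5, "Low", "High", "Low"), (6, "Low", "High", "Low"),
    (7, "Low", "High", "Low"), (8, "Low", "High", "Low"),
    (9, "Low", "High", "Low"), (10, "Low", "High", "Low"),
    (11, "Low", "High", "Low"), (12, "Moderate", "High", "Moderate"),
    (13, "Low", "Moderate", "Low"), (14, "Low", "High", "Low"),
    (15, "Low", "High", "Low"), (16, "Moderate", "High", "Moderate"),
    (17, "Low", "High", "Low"), (18, "Low", "High", "Low"),
    (19, "Low", "Moderate", "Low"), (20, "Low", "High", "Low"),
    (21, "Low", "Moderate", "Low"), (22, "Low", "High", "Low"),
    (23, "Low", "High", "Low"),
]


def check_table_l(rows=TABLE_L) -> list:
    """Return (risk no., stated, computed) for each row whose stated overall
    rating disagrees with Table K; an empty list means the table is consistent."""
    mismatches = []
    for risk_no, likelihood, impact, stated in rows:
        computed = overall_rating(likelihood, impact)
        if computed != stated:
            mismatches.append((risk_no, stated, computed))
    return mismatches


if __name__ == "__main__":
    for lk, row in build_matrix().items():
        print(lk, {im: f"{s:g} -> {r}" for im, (s, r) in row.items()})
    print("Table L mismatches:", check_table_l())
```

Running the script prints the reconstructed matrix and an empty mismatch list for the 23 rated risks; passing `check_table_l` a row with a different stated rating shows how a transcription error would surface during annual review. The rounding in `risk_score` matters only at the scale boundaries: 100 x 0.1 must land exactly on 10 to be rated Low rather than Moderate, which is also why `scale_rating` treats the upper bound of each band as inclusive, as the printed scale does.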