Monday, September 30, 2019
Application of Risk Management Essay
Application of Risk Management Scenario: YieldMore is a small agricultural company that produces and sells fertilizer products. The company operates through its headquarters in a small town in Indiana. Outside its headquarters, there are two large production facilitiesââ¬âone in Nebraska and one in Oklahoma. Furthermore, YieldMore employs sales force personnel in every state in the U.S. to serve its customers locally. The company has three servers located at its headquartersââ¬âActive Directory Server, a Linux application server, and an Oracle database server. The application server hosts YieldMoreââ¬â¢s primary software application, which is proprietary program managing inventory, sales, supply-chain, and customer information. The database server manages all data stored locally with direct attached storage. All three major sites use Ethernet cabled local area networks (LANs) to connect the usersââ¬â¢ Windows Vista workstations via industry standard, managed switches. The remote production facilities connect t o headquarters via routers T-1 (1.54 mbps telecomm circuit) LAN connections provided by an external Internet service providers (ISP) and share an Internet connection through a firewall at headquarters. Individual sales personnel throughout the country connect to YieldMoreââ¬â¢s network via virtual private network (VPN) software through their individual Internet connections, typically in a home office. Task: I would have to say the most likely pairs of threat/vulnerability are location, equipment failure, social engineering, Denial of Service (DOS), and Mal ware. These threats seem to be the most problematic for this company. The first one is location; the servers are all housed in the company headquarters where if a natural or manmade disaster would cripple the companyââ¬â¢s infrastructure. They need to distribute their servers to different locations. Another pair is equipment failure; each server has its own specific function that it handles and nothing else. It would help mitigate some of the risk that would happen if each server handled their own problems. Social engineering is a problem because it is dependent on the user which another person can hack the person for information that could get access to the organizations system. DOS is a problem because the publicà systems are not protected by firewalls and anti-virus program. This makes service availability a loss. The final pr oblem is malware which is caused by the lack of anti-virus or out of date virus definitions. The impact of this is usually the loss of server or information depending on what the virus was originally intended to do. There are six risk management steps you can use to protect your company: 1. Determining the objectives of the organization, 2. Identifying exposures to loss 3. Measuring those same exposures, 4. Selecting alternatives, 5. Implementing a solution, 6. Monitoring the results. I would suggest using all six steps to insure that my company is protected. The primary objective of an organization growth will determine its strategy for managing various risks. Identification and measurement of risks are relatively straightforward concepts.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.