Unit 03: Risk Evaluation

Presentation slides

Quiz-1 and solutions

Quiz-2 and solutions

Quiz-3 and solutions

Answers to the following questions should be written up and submitted following the instructions found in the Syllabus and posted to Canvas.

1. What is meant by the term “acceptable information system security risk”? Who within the organization determines what is the acceptable level of information system risk? How does an organization determine what is an acceptable level of risk?
2. What is an information risk profile? How is it used?  Why is it critical to the success of an organization’s risk management strategies and activities?
3. How would you go about creating an information risk profile for a small start-up business? Describe what the risk profile for the business would contain?  How should the business use the risk profile?

What is meant by the term “acceptable information system security risk”? Who within the organization determines what is the acceptable level of information system risk? How does an organization determine what is an acceptable level of risk?

What is an information risk profile? How is it used?  Why is it critical to the success of an organization’s risk management strategies and activities?

How would you go about creating an information risk profile for a small start-up business? Describe what the risk profile for the business would contain?  How should the business use the risk profile?