Week 4 Assignment – Risk Methodologies and Analysis


 

Overview

In order to successfully manage risk,  one must understand risk itself and the assets at risk. The way one goes  about managing risk will depend on what needs to be protected, and from  what to protect it. 

Instructions

Write a 3–4 page paper in which you: 

  1. Discuss at least three rationales for performing an information systems security risk assessment.
  2. Explain the differences in quantitative, qualitative, and hybrid  information systems risk assessment and illustrate the conditions under  which each type is most applicable.
  3. Describe the type of information that is collected to perform an  effective information systems security risk assessment. Include at least  three different types. Fully describe each and justify why you made  your selections.
  4. Describe at least five common tasks that should be performed in an information systems security risk assessment.
  5. Use at least two quality resources in this assignment. Note:  Wikipedia and similar websites do not qualify as quality resources. The  Strayer University Library is a good source for resources.

The specific course learning outcome associated with this assignment is: 

  • Evaluate risk analysis methodologies to determine the optimal methodology based on needs, advantages, and disadvantages.