CIS527: IT Risk Management
Title: Risk Management
It is an accepted truth that without risk there can be no gain. Every individual and organization who wants to succeed must take some risks. Risk management is not about not taking risks, but about taking risks in a controlled environment for which one must understand the risks their triggers and their consequences.
Write a four to five (4-5) page paper in which you:
- Contrast risk, threat, and vulnerability.
- Explain the relationship between risk and loss.
- Describe risk management and assess its level of importance in information security.
- Argue the need for organizations to take risks with its data (e.g., Is it a risky practice to store customer information for repeat visits.)
- Describe the necessary components in any organizational risk management plan.
- Use at least two (2) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
- Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
- Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
- Explain the basic concepts and need for risk management.
- Describe the components of an effective organizational risk management program.
- Use technology and information resources to research issues in IT risk management.
- Write clearly and concisely about topics related to IT risk management using proper writing mechanics and technical style conventions.