Question

REGARDING RISK ASSESSMENT

What are the control measures currently in use to protect against disclosure/brokerage of information?
What are the vulnerabilities related to information disclosure/brokerage found by the risk assessment team?

PLEASE MAKE COPY PASTE AVAILABLE

MUST BE 250 WORDS

Answer 1

Risk Assessment is the method of identifying the threat and various factors of risk which can cause harm to the information. After that the risk associated with these factors and analysed and evaluated. At the last step the various steps are taken to eliminate that risk or for controlling that risk of the risk cannot be completely destroyed. These are various steps which are performed in the risk assessment.

What are the control measures currently in use to protect against disclosure/brokerage of information?

Ans: -

For protecting against the disclosure and brokerage of the information control measures are performed by the risk assessment and management team. System administrator defines the access controls. The members of the team are assigned to the different groups as it is a group-oriented process.

All the members or users of the system are completely trained for security policies and awareness before giving them the access of account credentials of the LAN servers. Training is the most important and essential part of the process because it all users should have proper knowledge regarding the working mechanism.

Only the system administrator who have legitimate access to the database should be allowed to disclose information to any employee or higher authorities with genuine work-related reasons.

All the documents and copies of the security policies and measures should be issued to the new employees and users of the system so that they follow all the relevant guidelines for protecting the disclosure/brokerage of information.

So, the above security measures needed to be followed to protect the disclosure and brokerage of the sensitive information. There can be many threats like interruption of the operations, brokerage of information and network related threats that can lead to the leak of the confidential and sensitive information.

What are the vulnerabilities related to information disclosure/brokerage found by the risk assessment team?

Ans: -

HGA is Hypothetical government agency which defines the rules and protocols to deal with the security threats and issue in any organizational environment. But if the policies procedures and standards defined by the HGA authority are not properly compatible with its own environment than it can be vulnerability found by the risk assessment team.

The documents which are used to store and keep record of the time and attendance of the different users should be saved on the regular basis. But if these documents and copies of these documents are not being saved on the system server regularly than this information can get locked and cannot be accessed. So, this is also a vulnerability and threat to the information.

If the HGA system does have capability to track and trace the attacker’s information then it could lead to the disclosure/brokerage of the information. So, system should audit and create log of the attacker while attacker access the system.

There may other network related vulnerabilities of the system like accidental loss of the sensitive information. Backup and recovery of the information is the essential part to prevent the accidental loss of the confidential information.