Tuesday, September 1, 2009

Risk Management - Week 6

This week the thing I found most challenging was the quiz. I did not like the time box thing; every time I scrolled down the page to read a question it blocked my view, which was very annoying. I did not find this setup of the quiz very constructive and helpful to my learning. When I do the quizzes I use the notes and look up information on the internet; I find this way is much more useful for my learning as I am actually researching the answers. I found I did not have time to look at either of these things, and my result shows this: I did not do as well as I usually do because I guessed a lot. I have read the notes once, and just once is not enough for me to have the information imprinted in my brain so I can do quizzes without more resources. In conclusion, I would prefer to not have a time restraint on future quizzes.

Recently my login page to online banking with my bank had the following message: "Bank will never send an email asking you to follow a link to this logon page; or to any page requiring account or access ID details. If you receive such an email, it is not from Bank but is a hoax. This logon page should only be accessed directly from Bank’s website – not through an email link." I just thought that this was an interesting thing to mention as this course is about security.

What is the best value that should be assessed when evaluating the worth of an information asset to the organization - replacement cost or lost income while repairing or replacing?
I would say lost income; if it takes longer than expected to repair something then the lost income will be greater than anticipated.

What is the likelihood value of a vulnerability that no longer must be considered?
I'm not sure about this answer. I will come back to it if I have a chance.

In what instances is baselining or benchmarking superior to cost benefit analysis?
Benchmarking is a process of comparing an organization's or company's performance to that of other organizations or companies using objective and subjective criteria. Baselining is a method for analysing computer network performance. The method is marked by comparing current performance to a historical metric, or "baseline". Cost-benefit analysis is the name given to the process of weighing up the costs and benefits of undertaking a project. (Wikipedia) Benchmarking or baselining are superior to cost-benefit analysis because they take into account other factors, such as the performance of other organisations; this will give them a better idea of how their project could work.

How can we find out what an organization's risk appetite is? Why is this important?
Risk appetite is determining the level of risk an organization has. The purpose of this is to control directly how people make decisions on behalf of an organization in the face of risk and uncertainty by specifying the importance of risk in some way. We can find out an organization's risk appetite by looking at the following questions:
* Where do we feel we should allocate our limited time and resources to minimise risk exposures?
* What level of risk exposure requires immediate action?
* What level of risk requires a formal response strategy to mitigate the potentially material impact?
* What events have occurred in the past, and at what level were they managed?
It is important to know an organization's risk appetite to ensure that the right levels of risk are being used.
