Risk Management the Field of Term Paper

Total Length: 1197 words ( 4 double-spaced pages)

Total Sources: 4


Risk can be managed through one or more of the following techniques: (1) mitigation of the risk; (2) transfer of the risk from one unit to another, from one project to another, and so on; (3) acceptance of the risk; (4) avoidance of the risk; (5) communication of the risks and the search for risk management strategies; and last, (6) implementation of the risk management strategies (Elky, 2006).

Once the company has decided to accept and mitigate the risk, it has several options for managing it. Steve Elky at the SANS Institute points out that there are at least five methods for risk management, namely the NIST methodology (National Institute of Standards and Technology), the OCTAVE methodology, the FRAP methodology, the COBRA methodology and the Risk Watch methodology. The challenge at this level is for the economic agent to identify the methodologies that best respond to its specific needs.

For a medium-sized company with a 500-user enterprise architecture, the recommendation is a combination of three independent tools. Taken separately, each of the risk control tools has its own advantages and disadvantages. Combined, they allow the company to better serve its specific needs by maximizing the advantages of the three methods and minimizing their shortcomings. The three methods are the NIST methodology, the COBIT 5 method and Risk Watch.

The NIST methodology has the primary advantage of being technical and of supervising technical processes based on standards and rules imposed by the industry. This method is applied through nine specific steps, as follows: (1) the characterization of the system; (2) the identification of the threats; (3) the identification of the vulnerabilities; (4) the analysis of the controls; (5) the determination of the likelihood; (6) the analysis of the impact; (7) the determination of the risk; (8) the formulation of control recommendations; and last, (9) the documentation of the results (Elky, 2006).

Next, the COBIT 5 method is selected for its ability to serve the business needs of the medium-sized enterprise. Specifically, the IT department is only a means of attaining the greater business objectives of the firm, meaning that the business component of the IT efforts is also essential. COBIT 5 is therefore recommended, as it is the only risk management tool designed for IT components but based on a business framework (ISACA).

Last, the third component of the risk management mechanisms proposed for the medium-sized enterprise is Risk Watch, a tool to be integrated into various control mechanisms in a recurrent and constant manner.

"Risk Watch is another tool that uses an expert knowledge database to walk the user through a risk assessment and provide reports on compliance as well as advice on managing the risks. Risk Watch includes statistical information to support quantitative risk assessment, allowing the user to show ROI for various strategies" (Elky, 2006).

All in all, risk management among IT structures is complex and the academic community has yet to devise a universally accepted method of control. In such a setting, it is recommended.....


Cite This Resource:

Latest APA Format (6th edition)

"Risk Management The Field Of" (2012, July 13) Retrieved June 4, 2026, from
https://www.aceyourpaper.com/essays/risk-management-field-70655