Assessing Current Network Concerns 43
The NVA will concentrate on those items prioritized as a level 6 or higher.
If there is time and additional resources available after the high-priority items
have been addressed, then the team can look at priority items 4 and 5.
Other Considerations
The primary objective of human resource management is to make the most
effective use of the people involved with the project. Activities included are
planning the organizational structure of the project, acquiring staff, and devel-
oping team members. The resources necessary to carry out the project and to
ensure its success should be clearly defined and documented in terms of their
roles and responsibilities. Reporting relationships can also be documented, if
necessary. Each person in the project should understand his or her responsibilities
and should have the time available to carry out those responsibilities.
Today’s computer systems, linked by national and global networks, face a
variety of threats that can result in significant financial and information losses.
Threats vary considerably, from threats to data integrity resulting from unin-
tentional errors and omissions, to threats to system availability from malicious
hackers attempting to crash a system. An understanding of the types of threats
in today’s computing environment can assist a security manager in selecting
appropriate cost-effective controls to protect valuable information resources.
Assessment of the network involves systematic consideration of:
The business harm likely to result from a significant breach of network
security (taking into account the consequences of failures of information
confidentiality, integrity, and availability)
The realistic likelihood of such a breach occurring in light of prevailing
threats and existing controls
Assessment of these two aspects of risk depends on the following factors:
The nature of the business information and systems
The business purpose for which the information is used
The environment in which the system is used and operated
The protection provided by the controls
Exhibit 2. Network Security Concerns Priority Matrix
Impact to the Organization/Network
Low Medium High
Probability
Low
14 7
Medium
25 8
High
36 9
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset