Question 1: What are the steps used to proceed from risk analysis to risk management of assets?
There are seven basic steps in the risk assessment process:
a) Identification of the technology assets
These are the software, hardware, services, and systems that are essential to a particular department. The assets should be selected carefully, with as little overlap among them as possible.
b) Aggregation and prioritization of the assets
Here the team chooses the criteria used to rank the technology assets as critical, essential, or normal. Typical criteria are impact, criticality, publicity, ethical and legal issues, and failure costs. The team should apply experience and judgment when classifying assets (Vose 2008).
c) Risk Identification
In this step the team selects the applicable risks from the common risks listed in the risk analysis section of the security website, and then identifies the risks that are specific to its department. The problems and threats to these assets should be specific and tangible. All team members should participate so that as many risks as possible are identified.
d) Prioritizing risks
Both the selected common risks and the department-specific risks are prioritized. This gives the department an idea of where action should be planned. The first items on the list should be those that can affect the largest number of key assets.
e) Listing and defining risks
The risks are listed in priority order in a separate part of the report, with a brief explanation of each. This is done by the team members who understand these risks best.
f) Reference risks to critical assets
The critical assets are listed in the risk analysis template, and each risk that affects them is referenced by the number assigned in step (e). This helps the department evaluate possible implementation plans and solutions for the critical assets and their associated risks.
g) Recommendations for resolving risks
In this step one of three options is chosen for each risk:
- Address the risk to the asset within a definite timeframe, with an explanation that defines the solution.
- Define the risk to the asset but do not implement controls, because of information established during the evaluation or a unique situation documented in the risk analysis.
- Do not implement controls that address the risk, because of factors such as time and budget in the operating unit or department.
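The seven steps above can be worked through as a small risk register. The following is an added example, not part of the original answer or of any cited source: it classifies assets by a combined score (steps a and b), ranks risks so that those touching the most key assets come first and numbers them in that order (steps d and e), builds the critical-asset-to-risk-number template (step f), and records one of the three dispositions per risk (step g). All asset names, scores, risks and the scoring thresholds are constructed assumptions for illustration.

```python
"""Added example: a minimal risk register walking the seven-step process.
The asset names, scores, risks and thresholds below are constructed
sample data (assumptions), not taken from the source text."""
from dataclasses import dataclass
from enum import Enum
from typing import Dict, List


@dataclass
class Asset:
    name: str
    impact: int        # 1..5, consequence if the asset fails
    failure_cost: int  # 1..5, relative cost of an outage
    publicity: int     # 1..5, external visibility if compromised

    def score(self) -> int:
        return self.impact + self.failure_cost + self.publicity


class Tier(str, Enum):
    CRITICAL = "critical"
    ESSENTIAL = "essential"
    NORMAL = "normal"


def classify(asset: Asset, critical_at: int = 12, essential_at: int = 8) -> Tier:
    """Step b: bucket an asset by its aggregate score (thresholds are assumed)."""
    s = asset.score()
    if s >= critical_at:
        return Tier.CRITICAL
    if s >= essential_at:
        return Tier.ESSENTIAL
    return Tier.NORMAL


class Disposition(str, Enum):
    """Step g: the three options available for each identified risk."""
    ADDRESS_BY_DATE = "address within timeframe"
    ACCEPT_PER_EVALUATION = "accept; controls not implemented per evaluation"
    DEFER_NO_RESOURCES = "not addressed; time/budget constraints"


@dataclass
class Risk:
    description: str
    affected: List[str]            # names of assets this risk can hit
    disposition: Disposition
    note: str = ""                 # timeframe or reason for the disposition
    number: int = 0                # assigned in step e


def prioritize_risks(risks: List[Risk], tiers: Dict[str, Tier]) -> List[Risk]:
    """Step d: risks affecting the most key (critical/essential) assets first;
    ties broken by the number of critical assets hit. Step e: number them."""
    def key(r: Risk):
        key_hits = sum(1 for a in r.affected if tiers.get(a) in (Tier.CRITICAL, Tier.ESSENTIAL))
        crit_hits = sum(1 for a in r.affected if tiers.get(a) == Tier.CRITICAL)
        return (-key_hits, -crit_hits, r.description)
    ordered = sorted(risks, key=key)
    for i, r in enumerate(ordered, start=1):
        r.number = i
    return ordered


def risk_template(ordered: List[Risk], tiers: Dict[str, Tier]) -> Dict[str, List[int]]:
    """Step f: each critical asset with the numbers of the risks that affect it."""
    return {name: [r.number for r in ordered if name in r.affected]
            for name, tier in tiers.items() if tier == Tier.CRITICAL}


def build_register(assets: List[Asset], risks: List[Risk]):
    tiers = {a.name: classify(a) for a in assets}          # steps a, b
    ordered = prioritize_risks(risks, tiers)               # steps c, d, e
    return tiers, ordered, risk_template(ordered, tiers)   # step f


# Constructed sample data for one department (assumption, not from the page)
SAMPLE_ASSETS = [
    Asset("payroll-db", impact=5, failure_cost=5, publicity=4),   # 14 -> critical
    Asset("file-server", impact=4, failure_cost=3, publicity=2),  # 9  -> essential
    Asset("dept-wiki", impact=2, failure_cost=1, publicity=2),    # 5  -> normal
    Asset("vpn-gateway", impact=5, failure_cost=4, publicity=4),  # 13 -> critical
]

SAMPLE_RISKS = [
    Risk("Unpatched OS on servers", ["payroll-db", "file-server", "dept-wiki"],
         Disposition.ADDRESS_BY_DATE, note="patch within 30 days"),
    Risk("Single admin account shared", ["payroll-db", "vpn-gateway"],
         Disposition.ADDRESS_BY_DATE, note="per-user accounts by Q3"),
    Risk("No offsite backup of wiki", ["dept-wiki"],
         Disposition.DEFER_NO_RESOURCES, note="no budget this year"),
    Risk("Legacy VPN cipher suites", ["vpn-gateway"],
         Disposition.ACCEPT_PER_EVALUATION, note="vendor replacement already scheduled"),
]

if __name__ == "__main__":
    tiers, ordered, template = build_register(SAMPLE_ASSETS, SAMPLE_RISKS)
    for r in ordered:   # step g: each numbered risk with its disposition
        print(f"{r.number}. {r.description} -> {r.disposition.value} ({r.note})")
    print(template)     # {'payroll-db': [1, 2], 'vpn-gateway': [1, 3]}
```

With the sample data the shared admin account ranks first because it touches two critical assets, the unpatched servers second (one critical plus one essential asset), and the wiki backup last since it touches only a normal asset; the template then shows the payroll database exposed to risks 1 and 2 and the VPN gateway to risks 1 and 3.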
Question 2: What is the function of a computer security incident response team?
A computer security incident response team is a group of carefully selected and trained people whose purpose is to handle incidents correctly and promptly, so that they are quickly contained, investigated, and recovered from. The group consists of members from within the company, and they must be people who can leave their regular work and who have the authority to decide on a course of action. Its function varies according to the sector it serves. For instance, in law enforcement it focuses on cybercrime, obtaining data about the affected systems through computer forensics (Vose 2008).