Project part 1: Risk Management Plan
James Johnson (17991808)
Defense Logistics Information Service
b. Assign to departments
c. Risk Matrix
d. Risk mitigation plan
e. Impact Analysis
g. Business Impact
h. Costs Analysis
III. Recommendations (BIA)
i. Business Impact Analysis Results
j. Maximum Acceptable Outage
IV. (DLIS) Business Continuity Plan
c. Plan Objectives
d. Disaster definition
e. Recovery teams
f. Team member responsibilities
g. Instructions for using the plan/Invoking the plan
...view middle of the document...
Cyber security personnel are responsible for keeping all the information secure that is on the network. Key roles that will play a big part in the completion of this project will pertain to network security and reliability and client confidentiality.
Department Managers | * Departments will do a RA specific to their department. * Duties will be carried out by Supervisors. |
Employees | * Employees will carry out task dependent on their department. |
Assign to departments:
Level | Likelihood Definition |
High | the threat source is highly motivated and sufficiently capable, and controls to prevent the vulnerability from being exercised are ineffective. |
Moderate | the threat source is motivated and capable, but controls are in place that may impede successful exercise of the vulnerability. |
Low | the threat source lacks motivation or capability, or controls are in place to prevent, or at least significantly impede, the vulnerability from being exercised. |
Risk mitigation plan
* Risk mitigation: The next major step in measuring level of risk was to determine the adverse impact resulting from successful exploitation of vulnerability. The adverse impact of a security event can be described in terms of loss or degradation of any, or a combination of any, of the following three security goals:
* Loss of Confidentiality â€“ Impact of unauthorized disclosure of sensitive information (e.g., Privacy Act).
* Loss of Integrity â€“ Impact if system or data integrity is lost by unauthorized changes to the data or system.
* Loss of Availability â€“ Impact to system functionality and operational effectiveness.
Magnitude of Impact | Impact Definition |
High | Exercise of the vulnerability (1) may result in the highly costly loss of major tangible assets or resources; (2) may significantly violate, harm, or impede an organizationâ€™s mission, reputation, or interest; or (3) may result in human death or serious injury. |
Moderate | Exercise of the vulnerability (1) may result in the costly loss of tangible assets or resources; (2) may violate, harm or impeded an organizationâ€™s mission, reputation, or interest; or (3) may result in human injury. |
Low | Exercise of the vulnerability (1) may result in the loss of some tangible assets or resources; (2) may noticeably affect an organizationâ€™s mission, reputation, or interest. |
Defense Logistics Information Service (DLIS) Business Impact Analysis Plan
(DLIS) has 26,000 civilian and military personnel throughout the world. (DLIS) provides supplies to the military services and supports their acquisition of weapons, repair parts and other materials.
* Land and Maritime
* Troop Support
* Disposition Services
* Logistics Information Service
* Document Services
* Defense National Stockpile Center to DLA Strategic Materials
Critical business function | non-critical business functions |