Each method is good for some point and fails at some point. The order of Complexity and cost of risk analysis generally increases in ascending order from qualitative to quantitative techniques. Depending upon certain circumstances a specific technique is used (Source: AS/4360:1999.For this paper, the Qualitative techniques for the Assessment Office assessment have been used. Qualitative techniques have Several benefits such as it is quicker, less complex, encourages communication between team members, priorities risk and identifies the area for immediate improvement, and it less costly as compared to Quantitative technique.At presently the Assessment Office staff‘s computer has to comply with ITS security policies. The University of Southern Queensland is obliged to comply with standard IS18– Information Standards on Information Security which is part of the Queensland Government Financial Practices Act. The University of Southern Queensland audited on an annual basis by the Queensland Audit Office.A simple cycle of risk management is shown below. Every organization has a central focus point for security concerns related to information systems. These Central focal points focus at all the parameters from Assess risk and determine needs, implement policies and controls promote awareness and monitor and evaluate.Risk analysis has been carried out for the areas of concerns identified by the Assessment Office staff. Once reviewing and going through these areas of concerns found 6 vulnerabilities are found. These vulnerabilities have been summarised in Risk Registers tables (Appendix: VII. The tables are arranged in order of importance of vulnerabilities, which should be avoided on the priority basis.“Baseline security is not a minimum level; it is the middle ground. It is a crucial position to achieve to avoid negligence, harmful litigation, and high insurance costs.” (Source: Parker 1998.The concept of adopting baseline security controls is contributing to a change in perception of security controls in many organizations.
Please type your essay title, choose your document type, enter your email and we send you essay samples