
RISK MANAGEMENT

Introduction

The goal of this study is to ensure that GLOBE INDUSTRIES receives the best product available
so they can establish a presence on the worldwide market and outperform their regional rivals.
The best feasible handling of any kind of vulnerability or threat should always be the top
priority. In the corporate world, confidentiality, integrity, and availability are essential and must
always be preserved (Tripathy, 2020). A vulnerable system can make it possible
for hackers or other unwanted users to gain access to it. This can cause a lot of trouble, such as
GLOBE INDUSTRIES losing crucial information or private documents that may have been
gathered from, and belong to, a client or an employer. Risks and vulnerabilities are divided into two
categories, starting with small ones. A LOW impact threat might be considered minor; as the
threat's intensity rises to MODERATE, so does its category, moving up to major
impact, which is HIGH, the most serious of the classifications. Recognizing the system being
utilized, the potential hazards it may pose, and how to counteract those threats constitute the risk
assessment's key goals.

Risk Assessment & Impact

The risk impact analysis of each domain of a typical IT system begins with the User domain,
one of the domains containing the more frequent risk factors. Users exposed to these
risks might receive malicious emails, download malicious files, disregard strict password policy
guidelines, or be careless with information and leave sensitive data lying around the office
(Tripathy, 2020). Workstations are frequently the target of attacks. This domain could give a
hacker access to system flaws that would enable a more serious intrusion into the network's
internal systems. When it comes to the technology infrastructure, the LAN domain represents a very
challenging area.

The framework/application domain consists of significant areas and information, including
customer and worker information, company software, and significant industries. A person may
gain unauthorized access to the remote access domain and use it to reach the internal network,
making it a crucial domain. To avoid loss of information, this domain should use secure encryption
techniques. Service interruptions caused by the WAN domain can affect the ISP. When there is a
service interruption, it might affect how the workplace is maintained and slow down
productivity.

Table 1: Identified Risk, Impact, & Mitigation

| Risks | Impacted (Primary) | Mitigation |
|---|---|---|
| Access from an unauthorized user to the public internet | Remote Access Domain | Firewalls that are secure and two-factor mitigating |
| A hacker infiltrates the inside of network through the IT systems | LAN to WAN Domain | DMZ use to reduce direct access |
| Faulty communication circuit | System/App Domain | Have several servers in various places |
| There is known software vulnerability with Workstation (OS). | Workstation Domain | Update operational systems to prevent compromise |
| Attack on the email server of the organization | LAN to WAN domain | Cloud-based systems are accessible to GLOBE INDUSTRIES. |

| Risks | Probability score (0% - 100%) | Impact (1 - 100) | Risks Score |
|---|---|---|---|
| Corruption data | 50% | 20 | 10 |
| Access of unauthorised | 19% | 70 | 13.3 |
| Phishing | 11% | 52 | 5.72 |
| Remote access | 14% | 15 | 2.1 |
| Software vulnerability | 60% | 30 | 18 |

Table 2: Risks Registry

| Likelihood / Risks | Corruption data | Access of unauthorised | Phishing | Remote access | Software vulnerability |
|---|---|---|---|---|---|
| Certain (90%) | High | Moderate | Moderate | Moderate | High |
| Likely (50 – 90%) | Moderate | Moderate | Low | Moderate | High |
| Moderate (10 – 50%) | Moderate | Low | Low | Low | Moderate |
| Unlikely (3 – 10%) | Low | Low | Low | Moderate | High |
| Rare (3%) | Low | Low | Low | Low | Low |

Mitigation Considerations

The cost of using a DMZ to reduce direct access depends on whether a foundation is already built and
whether additional hardware is needed (Dubrawsky et al., 2006). Time requirements should be
minimal if only the firewall needs to be set up. This work improves operational security by
reducing potential attack vectors inside the organization, with little to no negative impact on
operations.

The overall cost of using a separate location with an alternate ISP depends on the additional
local system support, the secondary ISP, or the platform environment. This in turn depends on whether
physical offshore auxiliary systems or cloud-based systems are chosen. Apart from
a brief interruption if the primary systems are disrupted, there is no impact on
daily duties. While there may be some negative effects from limiting access to dynamic remote
meetings, there is also a beneficial result from increased security measures reducing potential
attack routes.

Depending on how frequently the business implements or changes the policy, it shouldn't take too long
to implement the Heavy Employee policy for GLOBE INDUSTRIES. It has good effects on defining
the norms that must be followed, as well as enabling a happier workplace.

Conclusions

When creating a risk management plan, the priority level identifies which risks or vulnerabilities
are major versus those that are small. If a critical situation is not managed effectively, it usually
results in a more dangerous situation. Because of this, GLOBE INDUSTRIES must have
mitigation and prevention in place. For an effective IT plan, use this comprehensive and
simple-to-follow IT risk management plan.

References

Dubrawsky, I., Tate Baumrucker, C., Caesar, J., Krishnamurthy, M., Shinder, T. W., Pinkard, B.,
Seagren, E., & Hunter, L. (Eds.). (2006, January 1). Chapter 11 - DMZ Router and Switch
Security. ScienceDirect; Syngress.
https://www.sciencedirect.com/science/article/pii/B9781597491006500123

Tripathy, B. K. (2020). Risk Assessment in IT Infrastructure. In www.intechopen.com.
IntechOpen. https://www.intechopen.com/chapters/70812
