Professional Documents
Culture Documents
3 Risk Assessment
3 Risk Assessment
Objectives Prerequisites
At the end of this lesson, students will be able to: To be able to understand this lesson, students need notions on :
• make a correlation with disaster management • management
• make a procedure of recovery
Keywords
Literature
Kizza, J. M. : Guide to Computer Network Security, Third Edition. Computer Communications and Networks.
Springer 2015
Stallings, W.: Cryptography and Network Security: Principles and Practice, Sixth Edition. Pearson, USA 2014
Further readings
Information Technology
Webster ’ s Dictionary defines disaster as a sudden misfortune, a Big security problems to the enterprise information systems
catastrophe that affects society that must be handled with skills
Identifying and Prioritizing the Disaster The ranking of critical assets may be based on the money
amount spent on acquiring the item or on the utility of the
• Low-level disasters may be local accidents like:
item.
• Human errors
• High temperature in room • Servers, workstations, and peripherals, Applications and data
• Server failure Media and output, Telecommunication connections
• Medium-level disasters may be less local including: • Physical infrastructure (e.g., electrical power, environmental
• Virus attack controls)
• Long power failures – may be a day long • Low level – these include:
• Server crush (Web, mail) – Printer paper, printer cartridges, media
• High-level disasters - this level includes the most – Pens, chairs, etc.
devastating disasters like: • Medium level – these include relatively costly items:
• Earthquakes – All peripherals
• Hurricanes – Switches
• Big fire – Workstations
• Terrorism – Physical infrastructures
• High level – these include valued items like:
– Servers
– Disks (RAID)/application data
– Workstations
Cycle: Master – Semestre 2 - SLED Academic Year 2016/2017
Université de Ngaoundéré - Faculté des Sciences Département de Mathématiques et Informatique
Keep in mind that prompt notification can reduce the disaster’s effects on the information system because it gives you time
to take mitigating actions.