Professional Documents
Culture Documents
Tata Kelola TI Risks Management
Tata Kelola TI Risks Management
Tata Kelola TI Risks Management
Sylabus
Source Books
- reduce the threat that an incident will occur. For example, effective password
control coupled with individual security profiles (if properly managed) will
reduce the threat of unauthorised access to a system
- reduce the vulnerability of the system to a particular threat. Countermeasures
in this category aim to reduce the likelihood that a threat, if it occurs, will
succeed in damaging the system. For example a building constructed of materials
that have good fire retarding properties should be less vulnerable to the threat of
fire than say a wooden building
Overview
- reduce the impact should a threat succeed in attacking the system. For
example, distributing sensitive data across a number of separate databases, each
with its own access controls, would mean that any one security failure would
result in a limited amount of information being disclosed. Another approach to
reducing impact would be to remove the most sensitive information from the
computer system altogether.
- detect an incident should it occur. Countermeasures in this category are
designed to detect either attempted or actual security breaches. Computer logs
can be used to record how a computer system is being used, and software can be
designed to raise an alarm automatically if any one of a specified range of events
occurs (e.g. repeated unsuccessful attempts to log on). Other countermeasures of
this type include those designed to detect fire, water leakage and intruders
- recover from the impact. Countermeasures in this category are the last line of
defence. They are designed to restore normal service after all preceding controls
have failed and an incident has succeeded in damaging the system. Procedures
for backing up the system, system recovery, disaster planning and change
controls come within this category.
Countermeasure selection