Welcome to Scribd!

Skip carousel

04 Jan 2019 East Coast Data Center Justine J

Uploaded by

Patrick Cloarec

0% found this document useful (0 votes)

5 views7 pages

Original Title

04-Jan-2019-East-Coast-Data-Center-Justine-J-

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

5 views7 pages

04 Jan 2019 East Coast Data Center Justine J

Uploaded by

Patrick Cloarec

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 7

Search inside document

IT Risk Assessment Template

04 Jan 2019 / East Coast Data Center / Justine J. Terminé

Éléments
Résultat 0 % 1 Actions 0
signalés

Conducted on 04.01.2019 13:26 PST

System Owner East Coast Data Center

Prepared by Justine J.
1.Élémentssignalés
Éléments signalés 1 signalés

Audit / Risk Assessment / Click Add Vulnerability (+) after you have identified a vulnerability or threat
source / Vulnerability 2 / Risk rating

Risk rating High

2.Audit
Audit 1 signalés
2.1.General

General

Describe the purpose of this IT security risk assessment

To assess current information security risks

Describe the scope of the risk assessment

East Coast facility

List all participants including role (e.g. system owner, system

custodian, network manager etc.)

Head of IT
Facility Manager

Describe key technology components including commercial

software

Desktops, Laptops, Server Room, proprietary software

Describe how users access the system and their intended use

of the system

staff access the system by logging in to their designated desktops, management have their
designated laptops
2.2.RiskAssessment

Risk Assessment 1 signalés
2.2.1.ClickAddVulnerability(+)afteryouhaveidentifiedavulnerabilityorthreatsource

Click Add Vulnerability (+) after you have 1 signalés
identified a vulnerability or threat source
2.2.1.1.Vulnerability1
Vulnerability 1
2.2.1.1.1.ThreatSource&Vulnerability
Threat Source & Vulnerability

Observation

Reception desktop left unlocked

Threat source/ vulnerability Intentional Insider

Evidence (flow diagrams, screenshots etc.) (optional)

Photo 1

Existing controls

Guard near the door

CCTV
2.2.1.1.2.Riskrating
Risk rating

Consequence Medium

Likelihood Unlikely

Risk rating Medium

2.2.1.1.3.RecommendedControls
Recommended Controls

Recommended controls or alternative options for reducing

risk

Reinforce the importance of locking the PC when not in use. I will talk to Anne and remind her of
our directive to improve our information security for ISO 27001 certification.
2.2.1.2.Vulnerability2
Vulnerability 2 1 signalés
2.2.1.2.1.ThreatSource&Vulnerability
Threat Source & Vulnerability

Observation

Laptop doesn't have password set

Threat source/ vulnerability Intentional Outsider

Evidence (flow diagrams, screenshots etc.) (optional)

Photo 2 Photo 3

Existing controls

This was a laptop issued last month and should already have the default password before it was
handed to the new staff.
2.2.1.2.2.Riskrating
Risk rating 1 signalés

Consequence High

Likelihood Likely
Risk rating High
2.2.1.2.3.RecommendedControls
Recommended Controls

Recommended controls or alternative options for reducing

risk

Will meet with Dan H. who issued the new laptop and his supervisor Trevor N. Will advise about a
possible warning.
2.2.1.3.Vulnerability3
Vulnerability 3
2.2.1.3.1.ThreatSource&Vulnerability
Threat Source & Vulnerability

Observation

east exit's newly installed glass door magnetic locks are malfunctioning

Threat source/ vulnerability Intentional Outsider

Evidence (flow diagrams, screenshots etc.) (optional)

Photo 4

Existing controls

Guard by the door and CCTV

2.2.1.3.2.Riskrating
Risk rating

Consequence High

Likelihood Unlikely

Risk rating Medium

2.2.1.3.3.RecommendedControls
Recommended Controls

Recommended controls or alternative options for reducing

risk

Facilities need to fix the magnetic lock. Exit will guarded 24/7 but we will not allow access to this
door until this is fixed.
2.3.Completion

Completion
Recommendations

Majority of staff are still on holiday vacation but we found plenty of security risks today. Will
conduct a meeting when everybody's back next week to reinforce the directive to get our ISO
27001 certification.

Signature

Justine J.
04.01.2019 14:26 PST
3.Résumédesmédias
Résumé des médias

Photo 1 Photo 2

Photo 3 Photo 4

Patch Management Policy and Procedure
Document4 pages
Patch Management Policy and Procedure
tbt32
100% (1)
Open in Thirty Seconds Defcon 16
Document132 pages
Open in Thirty Seconds Defcon 16
David Phillips
100% (3)
DISA 3.0 Project 12 PDF
Document29 pages
DISA 3.0 Project 12 PDF
Tony Varghese
No ratings yet
3 HSS9860 Maintenance and Troubleshooting (LTE)
Document59 pages
3 HSS9860 Maintenance and Troubleshooting (LTE)
Mauricio Acero
No ratings yet
Terms of Reference - Livelihood Assessment
Document5 pages
Terms of Reference - Livelihood Assessment
Plan International Philippines
No ratings yet
Disaster Recovery Plan: Olicies Rocedures
Document15 pages
Disaster Recovery Plan: Olicies Rocedures
thanhtung196
No ratings yet
Annex B: (Informative)
Document10 pages
Annex B: (Informative)
Sky Denn
No ratings yet
HPML IT Risk Assessment Report 2022 R3
Document61 pages
HPML IT Risk Assessment Report 2022 R3
sikanhino9090
No ratings yet
Cyber Capability Toolkit - Cyber Incident Response - Ransomware Playbook v2.3
Document22 pages
Cyber Capability Toolkit - Cyber Incident Response - Ransomware Playbook v2.3
nitu@786
No ratings yet
Anssi Guide Ebios Risk Manager Going Further en v1.0
Document84 pages
Anssi Guide Ebios Risk Manager Going Further en v1.0
Mehrnaz Khanjarian
No ratings yet
MSC Thesis
Document36 pages
MSC Thesis
Muddassir Sheikh
No ratings yet
Competency Profile Chart (CPC)
Document21 pages
Competency Profile Chart (CPC)
nur balqis kamaruzaman
No ratings yet
3 - Computer L3 - CoCu 1 (PG 37 - 58)
Document22 pages
3 - Computer L3 - CoCu 1 (PG 37 - 58)
dbu2952
No ratings yet
Risks and Opportunities Management Procedure
Document2 pages
Risks and Opportunities Management Procedure
dnmule
No ratings yet
Hazard
Document6 pages
Hazard
vg_vvg
No ratings yet
GENEX Assistant Training Slides
Document62 pages
GENEX Assistant Training Slides
ValentinIonescu
0% (1)
IS Assignment 2
Document6 pages
IS Assignment 2
klm klm
No ratings yet
Basic Computer Course (BCC) : Objective
Document6 pages
Basic Computer Course (BCC) : Objective
Mukund Kumaiyan
No ratings yet
Basic Computer Course (BCC) : Objective
Document6 pages
Basic Computer Course (BCC) : Objective
Mothur
No ratings yet
Basic Computer Course (BCC) : Objective
Document6 pages
Basic Computer Course (BCC) : Objective
Jd Hathiya
No ratings yet
2 ITGeneralControls
Document20 pages
2 ITGeneralControls
Cyber Guru
No ratings yet
Duty Statement ITSIITSecurity Administrator 91123
Document4 pages
Duty Statement ITSIITSecurity Administrator 91123
patilpatkars
No ratings yet
Online-Essentials Questions
Document7 pages
Online-Essentials Questions
briellexena06
No ratings yet
Bug Report: Project Name Program Manager Project Manager
Document2 pages
Bug Report: Project Name Program Manager Project Manager
Mohammad Faizan
0% (1)
SOW Work-IT-SecReview
Document19 pages
SOW Work-IT-SecReview
Richard Ramirez
No ratings yet
CCC Revision
Document6 pages
CCC Revision
Rahul Pambhar
No ratings yet
Network Security Policy: Best Practices White Paper.................................................................................... 1
Document8 pages
Network Security Policy: Best Practices White Paper.................................................................................... 1
pedrof
No ratings yet
Work Breakdown Structure
Document5 pages
Work Breakdown Structure
Usman A Sahibzada
No ratings yet
CCC - Revision - 3
Document6 pages
CCC - Revision - 3
Shivani Shukla
No ratings yet
Erik Decker - Leverage and Demonstrate Value With Your Cyber Insurance Renewal
Document8 pages
Erik Decker - Leverage and Demonstrate Value With Your Cyber Insurance Renewal
boris.hajduk
No ratings yet
Information Security Management
Document7 pages
Information Security Management
Vineet Kakkar
No ratings yet
PCI DSS v3 - 2 - 1 ROC S6 R2 Do Not Use Vendor Supplied Defaults
Document11 pages
PCI DSS v3 - 2 - 1 ROC S6 R2 Do Not Use Vendor Supplied Defaults
mrehan2k2
No ratings yet
Risk Identification Process
Document1 page
Risk Identification Process
Віталій Іванюк
No ratings yet
TMMIN - Coaching Material
Document10 pages
TMMIN - Coaching Material
Hasbi
No ratings yet
Cyber Capability Toolkit - Cyber Incident Response - Cyber Incident Response Plan (CIRP) v1.2
Document44 pages
Cyber Capability Toolkit - Cyber Incident Response - Cyber Incident Response Plan (CIRP) v1.2
Mateusz
No ratings yet
IAM - ISD EVC Record Reference
Document14 pages
IAM - ISD EVC Record Reference
Zakaria RAHOUI
No ratings yet
VAPT Methodology Report
Document3 pages
VAPT Methodology Report
Srinivas Naidu T S
No ratings yet
Calculate Client Security Hash - Process Design Document
Document14 pages
Calculate Client Security Hash - Process Design Document
Gio Vandy
No ratings yet
YA200
Document1 page
YA200
Adrio Bianchi
No ratings yet
MDT Operation Guide
Document18 pages
MDT Operation Guide
Hamid Raza
100% (1)
3 - Computer L3 - CoCu 1 (PG 37 - 58)
Document19 pages
3 - Computer L3 - CoCu 1 (PG 37 - 58)
azzkvbesut
No ratings yet
Comparison of Big Data Analyses For Reliable Open Source Software
Document5 pages
Comparison of Big Data Analyses For Reliable Open Source Software
Sohad S. Nassar
No ratings yet
Back Door
Document8 pages
Back Door
stejasbrit8221
100% (2)
Awareness in Computer Concepts (ACC) : Objective
Document4 pages
Awareness in Computer Concepts (ACC) : Objective
Mukund Kumaiyan
No ratings yet
Initial Security Incident Questionnaire For Responders PDF
Document1 page
Initial Security Incident Questionnaire For Responders PDF
Rufino Uribe
No ratings yet
Cyber+Capability+Toolkit+ +Cyber+Incident+Response+ +Malware+Playbook+v2.3
Document22 pages
Cyber+Capability+Toolkit+ +Cyber+Incident+Response+ +Malware+Playbook+v2.3
Hafiz Safwan
No ratings yet
Curriculum of Competency Unit (Cocu) : Infrastructure Support Computer System Operation Computer System Set-Up
Document22 pages
Curriculum of Competency Unit (Cocu) : Infrastructure Support Computer System Operation Computer System Set-Up
Prabakaran Muniandy
No ratings yet
4.2.15 - Cybersecurity Risk Assessment
Document19 pages
4.2.15 - Cybersecurity Risk Assessment
Rofiq Fauzi
No ratings yet
Cisa CPG Checklist v1.0.1 Final
Document13 pages
Cisa CPG Checklist v1.0.1 Final
michael.d.rinkus
No ratings yet
Ex: Watch: 1.1why We Need Embedded Systems
Document22 pages
Ex: Watch: 1.1why We Need Embedded Systems
Elias Yeshanaw
No ratings yet
Integrating Lenel Onguard Access Control in Milestone Xprotect®
Document4 pages
Integrating Lenel Onguard Access Control in Milestone Xprotect®
aertek
No ratings yet
Noss Computer System Level3
Document101 pages
Noss Computer System Level3
azwajmizahms09
No ratings yet
Offsec Sample Report
Document32 pages
Offsec Sample Report
iuppiter
No ratings yet
Project Risk Assessment Format
Document4 pages
Project Risk Assessment Format
snehal
No ratings yet
Enterprise Security Asignment 1
Document14 pages
Enterprise Security Asignment 1
koi
No ratings yet
Chapter 4 - Audit in An Automated Environment by CA - Pankaj Garg
Document4 pages
Chapter 4 - Audit in An Automated Environment by CA - Pankaj Garg
Anjali P A
No ratings yet
c5800 Safety Guide
Document44 pages
c5800 Safety Guide
yousrazeidan1979
No ratings yet
PerformComputerOperations Edited
Document76 pages
PerformComputerOperations Edited
Marivic Omosura Itong
No ratings yet
Roles - CERT in
Document1 page
Roles - CERT in
api-27477209
No ratings yet
Report2 - Project Management Plan
Document9 pages
Report2 - Project Management Plan
Trường Nguyễn Nhật
No ratings yet
Cloud Computing Security Assignment - 2 Threat Modelling For Security Operations Centre of Org M/S ABC
Document29 pages
Cloud Computing Security Assignment - 2 Threat Modelling For Security Operations Centre of Org M/S ABC
ali mahmud
No ratings yet
Ultimate Computer Security Survey
From Everand
Ultimate Computer Security Survey
James L Schaub
No ratings yet
Data Driven System Engineering: Automotive ECU Development
From Everand
Data Driven System Engineering: Automotive ECU Development
James Wen
No ratings yet
Fronius Onduleur 3 8 Instru PDF
Document172 pages
Fronius Onduleur 3 8 Instru PDF
Patrick Cloarec
No ratings yet
SDR Incident Management Plan v2
Document36 pages
SDR Incident Management Plan v2
Patrick Cloarec
No ratings yet
Cartographie
Document2 pages
Cartographie
Patrick Cloarec
No ratings yet
Pacific Coast Data Center Tony Smith 04 Jan 2019
Document13 pages
Pacific Coast Data Center Tony Smith 04 Jan 2019
Patrick Cloarec
No ratings yet
Information Security: Statement of Applicability For The UK & Ireland Business
Document13 pages
Information Security: Statement of Applicability For The UK & Ireland Business
Patrick Cloarec
No ratings yet
Using AWS in The Context of NHS Cloud Security Guidance: July 2019
Document41 pages
Using AWS in The Context of NHS Cloud Security Guidance: July 2019
Spit Fire
No ratings yet
USCG Cyber Trends and Insights in The Marine Environment
Document54 pages
USCG Cyber Trends and Insights in The Marine Environment
Jairo Sánchez
No ratings yet
Test FCCH
Document12 pages
Test FCCH
Nurh4y
No ratings yet
Penetration Testing and Vulnerability Assessment: Introduction, Phases, Tools and Methods
Document7 pages
Penetration Testing and Vulnerability Assessment: Introduction, Phases, Tools and Methods
karthik chithari
No ratings yet
MuhamadAzrulbinAmir LabTestSecurity 5A
Document10 pages
MuhamadAzrulbinAmir LabTestSecurity 5A
azrul amir
100% (1)
Tracey Lewis Resume
Document3 pages
Tracey Lewis Resume
Chilly07
No ratings yet
Yokogawa Risk Matrix For Cyber Security
Document21 pages
Yokogawa Risk Matrix For Cyber Security
hvananth
0% (1)
Certified Ethical Hacker v10
Document3 pages
Certified Ethical Hacker v10
zonetwyn
0% (1)
Lfs 416
Document4 pages
Lfs 416
Aung Aung
No ratings yet
Cyber Security Activities at The
Document49 pages
Cyber Security Activities at The
Sakthi Kamal Nathan Sambasivam
No ratings yet
CST8230 - Midterm (With Answers)
Document10 pages
CST8230 - Midterm (With Answers)
TO
No ratings yet
Cissp Memory Aid
Document5 pages
Cissp Memory Aid
SaraNowak
100% (1)
Peace Corps Computer System Security
Document3 pages
Peace Corps Computer System Security
Accessible Journal Media: Peace Corps Documents
No ratings yet
IT Infrastructure Audit Using AI - Muresan - Ghiran - Ana - Maria - en
Document23 pages
IT Infrastructure Audit Using AI - Muresan - Ghiran - Ana - Maria - en
naushad73
100% (1)
Binatone Wireless Router Applications
Document3 pages
Binatone Wireless Router Applications
NihilistThinker
No ratings yet
HSD Rapport Data Diodes
Document48 pages
HSD Rapport Data Diodes
Stephanie DM
No ratings yet
ACS Penetration Testing Report v1
Document15 pages
ACS Penetration Testing Report v1
sohaib siddique
No ratings yet
Week 10 Cybersecurity
Document47 pages
Week 10 Cybersecurity
Joya Labao Macario-Balquin
No ratings yet
Research in Progress Defending Android Smartphones From Malware Attacks
Document6 pages
Research in Progress Defending Android Smartphones From Malware Attacks
aontu
No ratings yet
Countering Cyber Proliferation-Zeroing in On Access-as-a-Service PDF
Document33 pages
Countering Cyber Proliferation-Zeroing in On Access-as-a-Service PDF
Janina Jani
No ratings yet
Vulnerability and Threat Assessment
Document14 pages
Vulnerability and Threat Assessment
K R
No ratings yet
Palo Alto Networks in The Datacenter PDF
Document9 pages
Palo Alto Networks in The Datacenter PDF
Ryanb378
No ratings yet
Azure Asset Management-Controls-032018
Document52 pages
Azure Asset Management-Controls-032018
Mayra Munoz
No ratings yet
2 Clause-Wise Requirements of ISMS Management System
Document25 pages
2 Clause-Wise Requirements of ISMS Management System
mseraji
100% (1)
Unit 1 - Basics of Cyber Security
Document19 pages
Unit 1 - Basics of Cyber Security
Varun p
No ratings yet
Deploying SS7 Signaling Firewalls
Document4 pages
Deploying SS7 Signaling Firewalls
amin rezaeinezhad
100% (2)
Syllabus HOD401 - FA17
Document12 pages
Syllabus HOD401 - FA17
Linh Bùi
No ratings yet