CMGT/400 week1 assignment

Assignment Preparation: Activities include independent student reading and research.

Assignment: Complete the University of Phoenix Material: Risky Situations table. 

  • List three types of sensitive information involved with each situation.
  • Identify three ways each information item could be misused or harmed.
  • Answer the questions at the end of the table.

Risky Situations

 

Identify three types of sensitive information involved with each situation. Then, describe three ways in which each information item could be misused or harmed. For each of these, note at least one likely finding that you would include in a risk analysis report of the organization. Finally, answer the questions at the end.

 

Situation 1 – Online Banking System

Information Affected

Potential Harm (Risk)

Likely Finding in Risk Analysis Report

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


 

Situation 2 – Facebook Page

(organization or personal – specify which)

Information Affected

Potential Harm (Risk)

Likely Finding in Risk Analysis Report

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


 

Situation 3 – Picture Phones in the Workplace

Information Affected

Potential Harm (Risk)

Likely Finding in Risk Analysis Report

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


 

Situation 4 – E-Commerce Shopping Site

Information Affected

Potential Harm (Risk)

Likely Finding in Risk Analysis Report

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


 

Situation 5 – Real-World Application

(such as CRM, ERP, other internal or external organizational systems – pick one and specify)

Information Affected

Potential Harm (Risk)

Likely Finding in Risk Analysis Report

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


Questions

 

1.     What is the most effective way to identify risks like those you noted in the tables?

 

 

 

 

2.     What are some important factors when weighing the depth of a formal risk analysis? How would you balance the interruption needed for depth and the need to continue ongoing organizational activity?

 

 

 

 

3.     What should an organization’s risk management specialist do with the information once a potential risk has been identified? What information would be needed for senior management to know the danger of each risk and the proper way to handle the risk?

 

 

 

 

4.     How would this specialist properly prioritize these risks to make sure the most important ones were mitigated first?

 

 

 

 

5.     Who is responsible for ensuring that an identified risk is addressed by the organization? What role does the analyst play? What role does senior management play? What roles do the analyst and senior management each play in addressing organizational risks?

Leave a Comment

Your email address will not be published. Required fields are marked *