Q1. Identify threats associated with outside vendors. Use as an example the threats to the information security of a small internet commerce company with 10 employees. In this example, the company uses an outside vendor for its order fulfillment. Once the list of threats has been generated, assign a likelihood score to each threat.
Q2. Discuss the process of identifying potential threats to an information asset. How can potential threats be identified? Comment on the usefulness of using established lists for a given industry as well as interviewing experts who have experience dealing with different types of threats.
Q3. Concentrate this module's area of research on "Microsoft's risk management approach." Write a 1-2 pages APA style paper, describing each of the four phases in the security risk management process.
Integrate and identify (with) the concepts from your textbook and the module/course content in your research exercise paper. The heading for the last section of your paper should include an "Author's Reflection" (your reflection) critiquing of the journal, publication, article, website, or situation examined. Be sure to use newly acquired terminology.