Assignment
1. What is the purpose of the criteria developed in Step 1 of the Octave Allegro Methodology? How will these criteria be used during the risk assessment process?
2. Will the criteria that are developed in Step 1 of the Octave Allegro Methodology be the same for all organizations? Why or why not? Explain thoroughly.
3. If Worksheet 2 had the following information listed, what problems do you see? How might these problems impact a risk assessment?
|
Impact Area
|
Low
|
Moderate
|
High
|
|
Revenue Loss
|
Less than $1,000 yearly revenue loss
|
Between $10,000 and $50,000 yearly revenue loss
|
Over $100,000 yearly revenue loss
|
4. Develop questions that you could use when you interview the manager of the organization where you will be doing the risk assessment. The questions should be related to Worksheet 2 and the answers should provide you with the necessary information to completely fill out the worksheet.
5. In Appendix D of Introducing Octave Allegro, Worksheet 3 had "Bed Turnover Rate" added as a possible impact to productivity. Develop another productivity impact area to an information asset for an organization of your choosing. Be sure to list the title, as well as the low, medium, and high impact descriptions.
6. Discuss how the low, moderate, and high potential impact definitions in FIPS 199 might help you fill out the first five Octave Allegro worksheets when you meet with the organization for your project.
Reading: Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process by Richard A. Caralli, James F. Stevens, Lisa R. Young and William R. Wilson.
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also include a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also Include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.