
Risk Analysis and Asset Prioritization

Hi all, I'm Vera. I'm an IT auditor. I'm new to incident management; before this I just checked whether incoming problems or incidents were fixed and what the root cause was. I want to develop my audit program and also give a deeper analysis of incident management. I found the security incident management audit/assurance program here. I'm a little bit confused about risk analysis and asset prioritization.

The objective: Policies and procedures should be established to ensure that a risk analysis and asset prioritization are part of the incident evaluation process.

One of the steps is: 3.1.1.1 Verify that the risk analysis includes risks such as loss of intellectual property; revenue loss from business interruptions; and loss from liability of business partners and noncompliance with legal, regulatory and standards requirements.

Does it refer to IT security only? Which part does the risk analysis belong to? I work at a bank; is the risk analysis here bankwide or per unit/division? Do they need to define the risk? And does each unit report it to IT security if it's related to security? And about asset prioritization, what does it mean? Which division keeps the data?

Thanks a lot!
Vera

Comments

RE: Risk Analysis and Asset Prioritization

Anyway, I focus more on security incidents. For 4.1.4.2, for each security incident, verify the following:
• Timeliness of the incident reported to CIRT by the first-line problem/help desk function
• Timeliness of CIRT establishing case and problem determination
• Use of risk analysis to determine response
• Effectiveness of initial containment of the intrusion
• Timeliness and completeness of reports to management
• Communication with affected entities
• Closure of the incident
• Formal report to management on incident identification, risk, losses if applicable, cost to remediate and action plan to prevent repeat incident
• Review of the postincident action plan and report of evident success of the same

Third bullet, use of risk analysis to determine response: maybe someone could give me an example. Fourth bullet: can we see it from the first action taken and whether it solved the problem or not? Sixth bullet: if a customer is affected, then the CIRT must have documentation of how they informed or dealt with the customer? Last bullet point, review of the postincident action plan and report of evident success of the same: does the postincident action plan mean what they did to prevent a repeat incident? How long does it take to review the postincident plan? What does "evident success" mean?

Thank you so much!
Vera
Vera525Lively at 9/11/2013 11:08:15 PM

RE: Risk Analysis and Asset Prioritization

These questions are very common nowadays; there is also a risk management topic here at the Knowledge Center. It will really help.

nooruddinEnergizer at 7/22/2014 7:55:51 PM
