This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
The international standard has been prepared
To provide model for the establishing, implementing, operating, monitoring, receiving, improving the information security management system. An organization need to identify and manage many activities the application system of process with in organization combining with Identification and interaction process.
We have to understand organization information security requirements and how to implement the operating controls and how to manage an organization. By following the ISO 2700 manual is very helpful, it is easy to identify the risk, as well as identify the threats those assets. How to implement Information Security Management system and how to manage the operation and resource ofInformation security management systems.
We have different types of assets they are information assets, which categorize the data files, database System document and user manual. Paper document is the other assets it consist the agreement, single documents, receipts and account records. Machinery is one of the assets it categorize all the laboratory equipment and other services
Equipment, I explained all the main risk register assets detail.
The development of risk register in excel is we have number of threats that can occurred in working environment in these some threats are identified .by using the likelihood of threat found the Applicapability of the threat to the assets and also threat values for the identified assets
AGREED PERCENTAGE WORK SPLIT BETWEEN THE TEAM
Assigning the task among the individual the would yield a better outcome, because each individual task would be counted .in our team for each member allocated the task equally
Each team member has its own views and ideas to implement. So we split the job in earlier stage to provide every one in the group with specified job and responsibilities.
PROBLEM ENCOUNTERED PERFORMING THE INDIVIDUAL
While doing the individual report the task was allocated to me how the development of risk register in excel and population of risk register with 10 assets. I found some difficulty while doing the development of risk register in excel. we have number of threats That can be occurred in working environment .in these some of threats Are identified .each threat have the relation to identified the assets, where we can find the appropriate value of likelihood threat we have some identified threats like air burn particle/dust, airconditioning failure ,fire ,malicious software and etc.
we have a threat like dust for that some of the assets like machinery is a problem from the threat same information is a problem from the threat, another threat like fire for all assets it is a problem by using the likelihood of threat I found the applicability of threat to the assets also found threat values for the identified assets.
By following the ISO 2007 material was clearly explained that help us to identify the vulnerabilities .we have number of vulnerabilities like hardware ,software ,etc.it can be exploit by threat the vulnerability have the relation to the threats .by using the like hood of vulnerability being exploit by given threat ,I found the vulnerability values for the identified threats to assets.
COMMENTS ON REPORT PRODUCE
HOW WELL GROUP DID
We learned a lot how to interact each other in the team by sharing the project among ourselves .the project had been done effectively .I believe that we have done great job we split our job earlier stages to every one in the group with specified work. After the group has been divided we have a regular meetings have been held .we discuss about how the assignment was progressed. We succeed to submit the assignment on time, we worked together gave a final report.
WHAT I LEARNED
THE FOLLOWING THINGS I HAVE LEARNED:
- How to identify the assets
- I learned that how to identify the threats.
- Identify the vulnerabilities
- Risk assessments
- Risk register controls
- I learned the security is more important for the institution to protect all the information and details of student and staff.
- Assigning values to attack on assessment
- How to calculate the relative factor for assets
- How to prepare a report.
WHAT LESSON GROUP LEARNED
As group we learned that we should have a proper planning before doing a work .every one should have clear Understanding of his responsibilities, as well as job to be done On time .we divide the work in earlier stages so every one had a Clear understanding.