Briefly answer the following questions. Use facts and examples to support your position. Use APA style for any references.
When you deliver risk ratings for your organization, you must use the organization’s risk preferences instead of your own risk preferences. This is because risk assessment is for finding the organization’s risk tolerance and not your personal risk tolerance.
- What is the risk posture for each individual system as it contributes to the overall riskposture of the organization?
- How does each attack surface add up to a system’s particular risk posture? These include capabilities, methods and goals of any protections, particularly in the presence of an active threat agent.
- In addition, how do all the systems’ risk sum up to an organization’s computer security risk posture?
Answer preview
Systems and their information security risk are dynamic. Hence, the subject to changes to system constituents and operating settings, as well as interior or peripheral changes in the coercions and susceptibilities they face (Grantz, 2013). It is essential to apply a structured approach for identifying, managing, and responding to changes that may affect the security of the systems in an organization as this can make the enterprise in its totality vulnerable to security breaches. Continuous monitoring of these vulnerabilities helps to maintain a secure risk posture for an organization.
[400 Words]