Re-evaluation of ISACA Risk analysis
According to De Haes et al. (2020), the implementation of COBIT in IT governance plays a critical role in risk assessment. The method takes into consideration the probability as well as the direct impact of a threat to help management make informed decisions. Roldán-Molina et al. (2017) state that proper assessment must incorporate all the potential risks individually.
| RISK EVENT | PROBABILITY | IMPACT | OVERALL RISK RATING |
|---|---|---|---|
| Laptop or mobile device with proprietary data lost or stolen | High | High - this would result in devastating consequences to the company by directly affecting the company's competitive advantage, reputation, and public trust | High |
| Internal network break-in from outside | Low | Medium-high - in the unlikely event that this would happen, the system would suffer harmful exposure and reputation | Medium-low |
| Virus, worm or Trojan infection | High | Medium-high - disruption at Code Galore would be devastating | High |
| An external attacker or insider stole the source code | Medium-low | High - this would seriously affect the organization's critical competitive advantage especially in light of its dwindling health | Medium |
| Denial of service attacks | Medium | Medium - this kind of attack is relatively easy to address. As such, it would not wholly paralyze operations. | Medium |
| Data security breach for personal, financial and/or customer data | Medium-low | High - negatively expose the company, affect company reputation, and lose client trust. | Medium |
| Prolonged IT outage | Low | High - this would paralyze operations at the firm hence causing devastating effects overall | Medium |
| Pirated software, music or movies used within Code Galore | Low | Medium-high - damage reputation, lose clients and face legal action | Medium |
| An attack against others initiated by Code Galore employee | Low | Medium-high - affect company reputation and trust | Medium |
| Data extrusion through interception of wireless signals | Medium | Low - the company has policies in place curbing this from taking place | Low |
| Sabotage of source code | Low | Low - the occurrence is highly unlikely, and the company has backup systems in place. | Low |
FAIR Strategy Risk Analysis
The use of FAIR to analyze the risk factors at Code Galore depends heavily on the core factors surrounding the company's management and decision-making process. According to Carlson (2019), FAIR's key factors vary on a case-by-case basis. The table below shows a breakdown of the critical analysis for Code Galore risk.