Solved

Network / IT environment RISK (non security risks)

Posted on 2011-02-18
4
659 Views
Last Modified: 2012-05-11
When you ask most forums or IT folk about “risk” within IT environments, most of them immediately think you are on about “security”, “penetration testing” etc. I am  not convinced security is the only risk factor in an IT environment. But I genuinely am interested in getting some feedback from other people on what other elements of an IT environment outside IT constiture risk areas

So.... outside of security, what other risks are inherent within IT environments. Does there exist a master document with risk areas for a typical IT environment anywhere? Or can you provide some examples for me to review further?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 3

Author Comment

by:pma111
ID: 34925072
often known as a risk universe or audit universe
0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 250 total points
ID: 34925124
OK,

there is the "Risk Management Guide for Information Technology Systems" by NIST.
http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/nist800-30.pdf

It introduces kind of a classification:

- Natural Threats - Floods, earthquakes, tornadoes, landslides, avalanches, electrical storms, and other such events.

- Human Threats (general) - Events that are either enabled by or caused by human beings, such as unintentional acts or deliberate actions (sabotage).
 
- Human Threats (IT related) - inadvertent data entry/data destruction, deliberate network based attacks, malicious software upload, unauthorized access to confidential information.

- Environmental Threats - Long-term power failure, pollution, chemicals, liquid leakage.


wmp
0
 
LVL 3

Author Comment

by:pma111
ID: 34925164
Thanks, I will read through I was more after if anyone had conducted a recent risk analysis / risk universe that they would share as a template...
0
 
LVL 13

Assisted Solution

by:notacomputergeek
notacomputergeek earned 250 total points
ID: 34927435
The State of California has developed this information:
http://www.cio.ca.gov/OIS/Government/risk/toolkit.asp

Of particular interest to you may be the 'Assessment Tool For State Agencies'. Fill this out to see where your organization ranks. Main categories are:
Organizational Reliance on IT
Risk Management
People
Processes
Technology

woolmilkporc already mentioned NIST SP 800-30 and listed the main topics of Business Continutity hazards.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recovering from what the press called "the largest-ever cyber-attack", IT departments worldwide are discussing ways to defend against this in the future. In this process, many people are looking for immediate actions while, instead, they need to tho…
Postmortem reporting allow us to examine mistakes in a way that focuses on the situational aspects of a failure’s mechanism and the decision-making process of individuals proximate to the failure. Read our guide on how to handle IT post-mortem repor…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question