Introduction: Every Company Needs To Take Risks To Thrive
18introductionevery Company Needs To Take Risks To Thrive But Not Too
Every company needs to take risks to thrive, but not too much risk which could be catastrophic. Finding the balanced amount of risk requires identifying what opportunities (or threats) are present, understanding how significant each of them is, recognizing what action to take to smartly handle both opportunities and risks, and lastly, monitoring all of the above, including discovering more prospects and threats. All told, this is called risk management. Specific to the seven domains of the IT infrastructure, this lab will cover IT risk management. In this lab, you will define the purpose of an IT risk management plan, you will define the scope for an IT risk management plan that encompasses the seven domains of a typical IT infrastructure, you will relate the risks, threats, and vulnerabilities to the plan, and you will create an IT risk management plan outline that incorporates the five major parts of an IT risk management process.
Upon completing this lab, you will be able to: Define the purpose and objectives of an IT risk management plan. Define the scope and boundary for an IT risk management plan to encompass the seven domains of a typical IT infrastructure. Relate identified risks, threats, and vulnerabilities to an IT risk management plan and risk areas. Incorporate the five major parts of an IT risk management process into a risk management plan’s outline. Craft an outline for an IT risk management plan, which includes the seven domains of a typical IT infrastructure and the five major parts of risk management and risk areas.
This is a paper-based lab. To successfully complete the deliverables for this lab, you will need access to Microsoft® Word or another compatible word processor. For some labs, you may also need access to a graphics line drawing application, such as Visio or PowerPoint. Refer to the Preface of this manual for information on creating the lab deliverable files.
Review the Lab Assessment Worksheet and research information on the IT risk management process using your preferred search engine. Review at least five search results, then access the following URLs: the PDF titled “Guide to Risk Assessment & Response” from the University of Vermont, and the PDF “Risk Management Process” from ETS or related sources. Summarize the similarities between IT and non-IT risk management processes in your Lab Report. Describe the five major steps: plan, identify, assess, respond, and monitor. Review the seven domains of a typical IT infrastructure and analyze risks, threats, and vulnerabilities relevant to healthcare IT systems in particular. Consider how each risk can be managed within its respective domain.
For each domain, create an outline in your risk management plan scope, covering the five major parts of the IT risk management process. These include risk planning, risk identification, risk assessment, risk response, and risk monitoring. Use the provided risks, threats, and vulnerabilities table related to healthcare IT infrastructure as your case scenario.
This completes the lab. Close your web browser when finished. Your deliverables include a Lab Report and a Lab Assessments file, demonstrating your understanding of the purpose, scope, risks, and structure of an effective IT risk management plan, aligned with the seven domains and the risk management process steps.