CIS527- IT Risk Management / Assets and Risk Management

In order to successfully manage risk, one must understand risk itself and the assets at risks. The way one goes about managing risk will depend on what needs to be protected, and from what to protect it.

Write a three to four (3-4) page paper in which you:

1. Explain at least two (2) different risk assessment methodologies.
2. Describe the key approaches to identifying threats relevant to a particular organization.
3. Describe different types of assets that need protection.
4. Explain the relationship between access and risk, and identify the tradeoffs of restricting access to the organization’s assets.
5. Use at least two (2) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

• Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
• Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The specific course learning outcomes associated with this assignment are:

• Describe the components of an effective organizational risk management program.
• Use technology and information resources to research issues in IT risk management.
• Write clearly and concisely about topics related to IT risk management using proper writing mechanics and technical style conventions.