View Full Document

MUSC-Risk-Management-Guidelines



View the full content.
View Full Document
View Full Document

18 views

Unformatted text preview:

MUSC Information Security Guidelines Risk Management v 0 4 DRAFT 04 May 2005 Table of Contents Introduction Purpose and Scope Applicable MUSC Policies Applicable MUSC Standards Risk Assessment Concepts Goals of the Risk Assessment Process Risk Components Identifying Threats and Vulnerabilities Post Implementation Notes Quantitative vs Qualitative Analysis Assessing Probability Frequency Post Implementation Notes Assessing Impacts Calculating Risk Selecting and Prioritizing Security Controls Post Implementation Notes Documenting the Security Plan Communicating the Security Plan Risk Assessment Report Core Assessment and Reporting Guidelines System Identification Risk Assessment Participants System Characterization Guidelines for Specific System Life Cycle Stages Initiation Stage Development Procurement Stage Implementation Stage Post Implementation Stage Appendices Appendix A Risk Analysis Worksheet Appendix B Security Plan Summary Appendix C FIPS 199 Appendix D Security Controls Exhibits Exhibit Risk Analysis Worksheet Exhibit Sample Worksheet Exhibit Risk Assessment Report Cover Page Exhibit Sample Cover Page Exhibit Template MS Word Exhibit System Network Diagram Exhibit Sample Network Diagram Exhibit System Functional Diagram Exhibit Sample System Functional Diagram Exhibit Threat Vulnerability Matrix 1 Introduction 1 1 Purpose and Scope These guidelines are intended to help MUSC System Owners to meet the risk assessment and risk management responsibilities that are assigned to them by MUSC s information security policies These guidelines apply to all MUSC faculty students and staff who serve in system ownership roles in all of the entities that comprise the MUSC enterprise 1 2 Applicable MUSC Policies Information Security Information Security Risk Management Information Security Evaluation Information Security Documentation 1 3 Applicable MUSC Standards MUSC Information Security Standards Risk Management 2 Risk Assessment Concepts 2 1 Goals of the Risk



Access the best Study Guides, Lecture Notes and Practice Exams

Loading Unlocking...
Login

Join to view MUSC-Risk-Management-Guidelines and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view MUSC-Risk-Management-Guidelines and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?