1. Why is it important to prioritize your IT infrastructure risks, threats, and vulnerabilities?
It is important to prioritize because you must be aware of what the risks, threats, and vulnerabilities there are to your infrastructure. You need this so that you know where the most attention needs to be focused on.
2. Different companies have different priorities, what might be important to one organization might be minimal to other organizations. For example, a medical facility would have different prioritizations than a lawyer’s office.
What is the difference between short-term and long-term risk mitigation tasks and on-going duties? Short-term tasks usually involve quick fixes to the infrastructure such as applying a patch. A long-term risk mitigation task could involve getting an SLA with an outside contractor to provide support to off-site servers. On-going duties would ensure that the system stays viable and should directly affect the efficiency of the organization in a positive way.
5. Which of the seven domains of a typical IT infrastructure is easy to implement risk mitigation solutions but difficult to monitor and track effectiveness? The User domain is hard to track effectiveness because you can train employees and implement procedures for them to follow but you can’t always be sure that they are following the safeguards put in place.
When considering the implementation of software updates, software patches, andsoftware fixes, why must you test this upgrade or software patch before you implementthis as a risk mitigation tactic?You can’t implement software updates and patches as a risk mitigation tactic without firsttesting because it may not work as you intended or it may not meet your needs altogether.
Are risk mitigation policies, standards, procedures, and guidelines needed as part of your long-term risk mitigation plan? Why or why not? They absolutely are. There has to be a long term plan when it comes to mitigating risk or the entire...