Scribd
Upload
29 views25 pages

Risk Analytics (IMT) - Chapter 12

Uploaded by

msmakkar.chief19
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
29 views25 pages

Risk Analytics (IMT) - Chapter 12

Uploaded by

msmakkar.chief19
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 25

Risk

Analytics
Project Risk
Management
Chapter 12
LOs
• Define threats
• Describe vulnerabilities
• Define exploits
• Discuss ways to maintain compliance
Threats
Threat can be defined as a situation or condition that may cause harm
if it goes unnoticed. It is an action or inaction which leads to harm, loss
or damage. Threats can lead to:
Threats
Threats
Threats
 Interception: Interception means an unauthorised employee has
gained access to the project data. Stealing data, overhearing
others communication are examples of interception.
 Interruption: Interruption means project data becomes
unavailable or unusable or gets destroyed. Losing a file, denial of
service are examples of interruption.
 Modification: Modification means an unauthorised change in
project data or tampering with it. Alteration of data, modification
of project schedules are examples of modification.
 Fabrication: Fabrication means additional data or activities are
included in the project that did not exist earlier. Adding a
password to a system, making additions to project scope are
examples of fabrication.
Unintentional and
Intentional Threats
Unintentional threats are the accidental threats which are
performed without any malicious intent. They may include:
Unintentional and
Intentional Threats
Intentional threats are the threats caused due to decisions made
with malicious intent. Such a threat may be carried out by one or
more persons in a project/organisation. Modification in the database
of an organisation by a disgruntled employee is an example of
intentional threat. Often intentional threats are motivated by greed,
anger or revenge.
Best Practices to
Manage Threats
Best Practices to
Manage Threats
Best Practices to
Manage Threats
Vulnerabilities
• Vulnerability can be defined as a weakness or a flaw which is
inherent in a project. It mainly develops the probability of causing
harm to the execution of a project.

• A vulnerability can result in risks but does not lead to loss on its
own. The loss occurs when a vulnerability is exploited by a threat,
which is also known as threat/vulnerability pair. Thus, losses are
experienced when both threats and vulnerabilities are paired.
Vulnerabilities
Threat Vulnerability Harmful Event or
Loss

Fire Non-availability of fire Complete loss of


detection and business/project
suppression
equipment

Equipment failure Lack of data backup Loss of data


availability

Threat/Vulnerability and their Probable Impact


Vulnerabilities
Threat Vulnerability Harmful Event or
Loss

Data theft Improper Loss of confidential


implementation of data
access controls

Users Inadequate access Loss of confidentiality


controls

Threat/Vulnerability and their Probable Impact


Managing
Vulnerabilities
Mitigation
Techniques for
Vulnerabilities
Mitigation
Techniques for
Vulnerabilities
Exploits
Exploits refer to a software program or code that takes the
advantage of a system’s vulnerability. There are two types of
exploits, namely, a remote exploit and a local exploit.
Exploits
Maintaining
Compliance
To maintain compliance, the following measures can be taken by
project managers and organisations:
Maintaining
Compliance
Summary
• Threat can be a situation or condition that may cause severe harm to
a project if it goes unnoticed.
• There are two main categories of threats, unintentional and
intentional. Unintentional threats are the accidental threats carried
out without any malicious intent. Intentional threats, on the other
hand, caused due to decisions made with malicious intent.
• Vulnerability refers to a weakness or flaw inherent in a project. It
mainly develops the probability of causing harm to the execution of a
project.
• A number of techniques can be used to mitigate vulnerabilities, such
as implementing policies, separating responsibilities, and training
employees.
Summary
• Exploits is a software program or code that takes the advantage of
the vulnerabilities. Exploits are usually caused by malicious
websites.
• Compliance refers to conforming to standards, legislations, rules or
any requirements. It helps project managers to ensure that the
project is being executed within the goals and objectives of a project.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy