SNHU Managing Risks in an Org


In this module’s textbook reading, you learned that when managing risks in an organization, professionals in the IT department conduct research to identify threats, vulnerabilities, and threat/vulnerability pairs. Then the IT professionals determine the likelihood of each threat occurring. They present this information to IT management, whose role in risk management is to determine and recommend approaches to manage these risks. IT management then presents these recommendations to senior management, whose role is to allocate resources, specifically money and employees, to prepare for and respond to identified threats and vulnerabilities appropriately.

For this week’s activity:

  • You will fulfill the role of IT professionals in a small business.
  • You will analyze the short scenario provided below.
  • You are tasked with identifying threats, vulnerabilities, and threat/vulnerability pairs.
  • You will also estimate the likelihood of these threats occurring, and present this information to IT management.


Fertilizer Plus is a small agricultural company that produces and sells fertilizer products. The company headquarters is in a small town in Indiana. In addition to its headquarters, there are two large production facilities—one in Nebraska and the other in Oklahoma. Furthermore, Fertilizer Plus employs salespersons in every state in the United States to serve its customers locally.

The company has three servers located at its headquarters—an Active Directory server, a Linux application server, and an Oracle database server. The application server hosts Fertilizer Plus’s primary software application, which is a proprietary program managing inventory, sales, supply chain, and customer information. The database server manages all data stored locally with direct-attached storage.

All three sites use Ethernet-cabled local area networks (LANs) to connect the users’ Windows 7 workstations via industry-standard managed switches.

The remote production facilities connect to headquarters via routers with T-1 LAN connections provided by an external internet service provider (ISP), and share an internet connection through a firewall at headquarters.

Individual salespersons throughout the country connect to the Fertilizer Plus network via virtual private network (VPN) software through their individual internet connections, typically in a home office.

Assume the role of IT professionals assigned by Fertilizer Plus’s IT management to conduct the following risk management tasks:

  1. Identify threats to the seven domains of IT within the organization.
  2. Identify vulnerabilities in the seven domains of IT within the organization.
  3. Identify threat/vulnerability pairs to determine threat actions that could pose risks to the organization.
  4. Estimate the likelihood of each threat action identified (i.e., high, medium, low).
  5. Prepare a brief report or presentation of your findings for IT management to review.

Place this order or similar order and get an amazing discount. USE Discount code “GET20” for 20% discount

Posted in Uncategorized