Information System Risk Management Essay Example | Topics and Well Written Essays - 1750 words

Information System Risk Management - Essay ExampleThis is because achiever of the ERPs depends on m whatever factors which include technological (Hardw ar and software), efficient design of processes, and utilization of human recourses. The human resources are the users of the peeled ERP solution. It is with this in mind that administrations should take fortune management strategy that would identify and in any case control any ERP implementation risks. An organization at risk is exposed to potential threats. Risk management comprises of risk assessment, risk mitigation evaluation and assessment. Risk assessment is used to determine extent of the potential. Some tangible impacts of the success of a threat are thins like loss of revenue and the cost of repairing a system that has been unnatural (Stoneburner, 2008).Security Threats-ERP threats are real therefore it is important not only to identify the threats but also know the vulnerabilities of the system and look for ways of p reventing these threats from breaching the security of the ERP system. The threats whitethorn be grouped into the types which include the following(a)-3.0 Natural Threats-These are threats that are not caused by human beings. They include quakes, floods, tornadoes, hurricanes, temperature extremes, and many others. Intentional Threats-The crush examples of intentional threats are computer crimes or purposeful damage of property or even information. unknowing Threats-These threats may include unauthorized or even accidental modification of the system. The best way is to pick out the vulnerability of the system is to identify the threats and then examine the system under those threats.4.0 Vulnerability of the system champion has to think about business transactions that can lead to losses from the information system ground abuse, fraud and errors. This may lead to losses occurring when users use the system in a manner that they are not supposed to. It may either be intentional o r not. Also there may be threats from intrusion and attacks from outsiders. People may steal or come across authorization certificate and try to enter the system without the knowledge of the authorities and thus jeopardize the integrity of the information contained in the system database. In addition there may also be systems abuse and fraud from the insiders. current users can attempt and indeed succeed in entering into modules that they are not supposed to enter. centralisation of everything in the organization can become a performance bottleneck and also incr rilievo the ease with which people can sabotage the entire operations of the organization. One only needs to ensure that the ERP is not working and the organization will be on its knees unable to operate.5.0 External Security Threats Weak Passwords- By use of dictionary attacks, intruders can guess correctly the passwords that are used in the ERP system and consequently cause a malicious damage to the system or even get a ccess to other confidential data of the organization thereby compromising the integrity of the organization data. To eliminate this kind of threat, the organization should provide complex passwords and combine