Week 5 Paper

There’s a saying that is, do onto others as you would like done onto yourself. Unfortunately, we live in a world where confidential data and financial assets can be stolen at any time. In fact, both can be stolen internally and externally from a company or organization, therefore, a risk-management policy is needed to prevent such a catastrophe from occurring.

“Risk management is a structured approach to managing uncertainty and includes actions taken to identify, assess, monitor, and reduce the impact of risks to your business. Risks are events, situations or circumstances which lead to negative consequences for your business. A good risk management plan with appropriate risk management strategies can minimize costly and stressful problems, and may also reduce insurance claims and premiums” (Small Business Development Corporation).

Effective risk management begins with the understanding, by everyone in the organization, that the effort is important, and that everyone is expected to uphold that effort. So far the organization has had its security breached on a number of occasions. Due to this problem, the organization has placed a high level of importance on physical and password security and anti-virus and anti-spyware protection. It has also decided to use 2 layers of firewalls to prevent hackers from getting in. In addition, the organization will also use the Intrusion-Detection Systems (IDSs) and VPNs. These steps with the help of employees and staff should help prevent unauthorized intrusions from both internal and external intruders that will steal sensitive information from our clients.

“Management has the ultimate responsibility to control risks. Control includes making decisions regarding which risks are acceptable and how to address those that are not. Those decisions can be made only with the participation of the entire workforce, because each of us understands the risks of his or her own tasks better than anyone else in the organization....