Discuss the risk assessment. This includes a clear definition, detailed research and discussion about Apple Inc.
Discuss about the organizational risks and their control.
Answer to Question: ISSC481 IT Security: Planning And Policy
A leading company in Information Technology must be able identify and formulate strategies to mitigate and categorize risks. This is critical to its ability to stay competitive in the global market (Altuhhov Matuleviius & Ahmed 2013).
Apple’s risks must be minimized using a variety frameworks.
Apple must assign a qualitative and quantitative value to each identified risk. This is the method for assessing its risk.
Apple’s first phase of assessing risks would involve the application of a map based on risk heat to the risks identified by a register.
Apple can conduct a periodic survey on the assessment of market participants to identify the potential risks.
The survey can be used as a formalized method to help authorities keep abreast about the emergence of new risks.
Management of Apple can conduct an expectations survey concerning the risk assessment.
This survey is conducted by the company management with the purpose of regulating the expectations of senior managers concerning the control over inventory and supplies to customers.
Senior managers would be asked questions to determine the risks and associations with the semi-annually, monthly, and annual perceptions, expectations, and portfolio investments, as well as regulation of internationally located manufacturers (Odunola Olawumi & Ajayi (2014)).
Participants could share their hopes and objectives for each variable included in the categories: decrease, rise, significant decreases, significant increases and stable.
After collecting data, the company will be able to publish a monthly update that will contain the frameworks and strategies that are used to reduce the risks involved in Apple’s operation (Yeo, et. al., 2014.).
The company’s future expectations would be included as well as a comparison between previous surveys concerning the outcomes of the risks and the realizations.
The survey methodology in data collection and risk analysis would allow the company to reach a broad range of participants on the market. They would also be able, therefore, to significantly supplement the consultation regarding mitigation of the risks. (Odunola Olawumi, Ajayi, 2014.
The company should compile a list of regulatory authorities. This could include the research done by different academics, regulators, supranational and inter-governmental organizations as well industry associations and participants.
Regulating the time series for relevant data would allow recognition of trends and patterns that could indicate the evolution or emergence of a new type of risk.
Data collection methods will automatically allow monitoring by regulatory authorities. Additionally, analysis of all aspects will be done.
ReferencesAltuhhov, O., Matulevi?ius, R., & Ahmed, N. (2013).
An extension of the business model and notation in security risk management.
International Journal of Information System Modeling and Design. 4(4), 93–113.Hutchinson, D., Armitt, C., & Edwards-Lear, D. (2014).
SMES Security risk management: An agile approachOdunola, A. B., Olawumi, A. A., & Ajayi, O. E. (2014).
An adaptive decision-support model to manage data communication network security risks.
International Journal of Computer Applications. 106(8).Yeo, M. L., Rolland, E., Ulmer, J. R., & Patterson, R. A. (2014).
IT security is at risk.
ACM Transactions on Management Information Systems: (TMIS), 5(1).