Get a Free E-Book! ($50 Value)
HIRE A WRITER!
Paper Types
Disciplines
Get a Free E-Book! ($50 Value)

Technology Risk Management and the Law, Research Paper Example

Pages: 1

Words: 709

Research Paper

Part of the nature of business is the possibility that something may go wrong that impacts an organization’s ability to meet its goals and objectives. This is referred to as risk. Organizational risks vary and can appear in any area of a business such as information technology (IT). Managing risk in this area entails reducing the probability of risks occurring (Edmead, 2007). This is done by identifying, documenting, measuring, evaluating, mitigating, and monitoring risks to keep them at a minimum. This is known as the risk management process (DeLoach, 2012).

The Risk Management Process

A good organizational strategy includes an effective risk management process that includes “a clear purpose, reliable inputs, well-designed activities and value-added outputs” (DeLoach, 2012, para. 2). Without a risk management plan, an organization is open to all types of possible negative events occuring that could effectively cause havoc within the organization, specifically within its IT department which is one of the most vulerable areas in an organization. Managing possible risks so they do not turn into probable risks is the key to more secure technology operations. An effective risk management process also involves prepardness, response, recovery, and relief plans (Solomon, 1986). The risk management process is governed by federal and state laws that apply in specific contexts. According to Edmead (2007), the goal of the risk management process is eliminating negative risks or reducing them to acceptable levels, as well as transferring risks through insurance contracts or third party vendors for added security, to protect company assets.

Federal Laws and Technology Risk Management

On the federal level, technology risks management includes protecting the interests of home land security and national economic security through information security governed by the E-Government Act signed into law in 2002 (NIST, 2012). Risk management for information technology on a federal level involves each government agency such as the FDA and the departments of agriculture, energy, or defense (Risk Assessment and Risk Management, 1997), and the Federal Information Security Management Act (FISMA) requires each government agency to have an agency-wide information security program to secure information and assets. Federal regulatory compliance is required in specific areas of organizational operations to ensure the safety and security of the public, such as with periodic risk assessments, policies and procedures, security awareness training, and response procedures (NIST, 2012).

State Laws Regarding Risk Management

Each state is required to comply with federal regulations regarding managing risks to protect the state’s IT assets and business operations (Statewide Information Technology Policy, 2004). An example of information technology laws at the state level is those that protect the state from cybercrimes. The Computer Fraud and Abuse Act of 1986 prohibits malicious or unauthorized use of computer software or hardware, as well as online communications to engage in illegal activities such as information theft by use of the Internet (OLE).

Conclusion

It is important for organizations on both the federal and state levels to implement effective information technology risk management programs to address potential threats to the organization. There is nothing worse than companies folding because they were unprepared for preventable risks that turned into major problems. The risk management process should be sound with checks and balances in place to control how risks are identified and managed, to effectively protect all government agencies and the people concerned.

References

Statewide Information Technology Policy. (2004, November). North Carolina. Retrieved from https://rmp.scio.nc.gov/public/docs/Information%20Technology%20Risk%20Management%20Policy%20with%20Guidelines.pdf

DeLoach, J. (2012, January 10). Key Elements of the Risk Management Process. Retrieved from Corporate Compliance Insights: http://www.corporatecomplianceinsights.com/key-elements-of-the-risk-management-process/

Edmead, M. T. (2007, May). Understanding the Risk Management Process. Retrieved from Internal Auditor: http://www.theiia.org/intAuditor/itaudit/archives/2007/may/understanding-the-risk-management-process/

Effio, D. G., Kroner, O., Maier, A., Hayes, W., Willis, A., & Strawson, J. (2013, January). A Look at State-Level Risk Assessment in the United States: Making Decisions in the Absence of Federal Risk Values. Risk Analysis, 33(1), 54-67.

NIST. (2012, May 16). Computer Security Division. Retrieved from National Institute of Standards and Technology: http://csrc.nist.gov/groups/SMA/fisma/overview.html

OLE. (n.d.). Prosecuting Computer Crimes. (S. Eltringham, Ed.) Office of Legal Education Executive Office for United States Attorneys. Retrieved from http://www.justice.gov/criminal/cybercrime/docs/ccmanual.pdf

Solomon, K. A. (1986). Comparing Risk Management Practices at the Local Levels of Government with those at the State and Federal Levels. Santa Monica, CA: The RAND Corporation. Retrieved from http://www.rand.org/content/dam/rand/pubs/papers/2008/P7263.pdf

The Presidential/Congressional Commission on Risk Assessment and Risk Management. (1997). Risk Assessment and Risk Management in Regulatory Decision-Making. Final Report, Volume 2. Retrieved from http://www.riskworld.com/Nreports/1997/risk-rpt/volume2/pdf/v2epa.PDF

Time is precious

Time is precious

don’t waste it!

Get instant essay
writing help!
Get instant essay writing help!
Plagiarism-free guarantee

Plagiarism-free
guarantee

Privacy guarantee

Privacy
guarantee

Secure checkout

Secure
checkout

Money back guarantee

Money back
guarantee

Related Research Paper Samples & Examples

Plants, People, and the Environment, Research Paper Example

Introduction Avocado (Persea americana) is a fruit originated from the Americas. It belongs to the Lauraceae family and Perseal genus (Mooz et al. 274). It [...]

Pages: 1

Words: 891

Research Paper

Data Stewardship and Business Intelligence, Research Paper Example

Data stewardship is a concept applicable in healthcare that involves oversight and management of data assets in the organization aiming at providing the highest quality [...]

Pages: 1

Words: 325

Research Paper

Benefits and Hazards of Data Mining, Research Paper Example

Data mining is an important information technology that gives an opportunity to an organization for enhancing its effectiveness as well as efficiency. Data mining makes [...]

Pages: 1

Words: 330

Research Paper

Data Stores Data Warehouses and Data Marts, Research Paper Example

A data store refers to the storehouse of sets of data objects that are modeled to database schema by means of classes. The implication of [...]

Pages: 1

Words: 296

Research Paper

Object-Oriented Database Design, Research Paper Example

Data models The implication of database model is a type of specification that illustrate the structure and application of a database. A substantial number of [...]

Pages: 1

Words: 314

Research Paper

Water Polo, Research Paper Example

Why I’m writing this paper I came across water polo when my sister first started playing it in high school. She has taught me about [...]

Pages: 1

Words: 4583

Research Paper

Plants, People, and the Environment, Research Paper Example

Introduction Avocado (Persea americana) is a fruit originated from the Americas. It belongs to the Lauraceae family and Perseal genus (Mooz et al. 274). It [...]

Pages: 1

Words: 891

Research Paper

Data Stewardship and Business Intelligence, Research Paper Example

Data stewardship is a concept applicable in healthcare that involves oversight and management of data assets in the organization aiming at providing the highest quality [...]

Pages: 1

Words: 325

Research Paper

Benefits and Hazards of Data Mining, Research Paper Example

Data mining is an important information technology that gives an opportunity to an organization for enhancing its effectiveness as well as efficiency. Data mining makes [...]

Pages: 1

Words: 330

Research Paper

Data Stores Data Warehouses and Data Marts, Research Paper Example

A data store refers to the storehouse of sets of data objects that are modeled to database schema by means of classes. The implication of [...]

Pages: 1

Words: 296

Research Paper

Object-Oriented Database Design, Research Paper Example

Data models The implication of database model is a type of specification that illustrate the structure and application of a database. A substantial number of [...]

Pages: 1

Words: 314

Research Paper

Water Polo, Research Paper Example

Why I’m writing this paper I came across water polo when my sister first started playing it in high school. She has taught me about [...]

Pages: 1

Words: 4583

Research Paper

Get a Free E-Book ($50 in value)

Get a Free E-Book

How To Write The Best Essay Ever!

How To Write The Best Essay Ever!