Purpose
The purpose for this is because the senior management at Defense Logistics Information Services (DLIS) decided that the existing risk management plan for the organization is out of date, and that a new risk management plan must be developed. This risk management plan is not only to minimize the amount of risks in the future, but also to be in compliance with the several Acts and regulations. DLIS is an organization within the Defense Logistics Agency (DLA), which is the largest logistics combat support agency for the Department of Defense. Keeping this in mine, we understand that there will be many risk that we have to think about. Since DLIS deals with a lot of sensitive information. The project team will ensure, when implementing…show more content… This new RA will be used to identify and evaluate risks. Risks will then be quantified based on their importance or impact severity. These risks are then prioritized. It will help identify which safe guards (controls) to implement. These controls will then be put in place to help reduce a vulnerability and or reduce the impact from a threat. The project team will be evaluating risks, evaluating controls, and periodically after a control has been implemented. These risk assessments are part of the overall risk management process. We will support decision making, evaluate control effectiveness, identify threats and vulnerabilities, Identify the likelihood that a risk will occur, identify asset values, determine the impact of a risk, and determine the usefulness of a safeguard or control. Some critical areas we will focus on will be Web server, Database Server, and the internal firewall. The type of method we will be using for this RA will be a Qualitative approach. Helping us get it done rather quickly. Since a qualitative risk assessment doesn’t assign dollar values. Instead it determines the level of risk based on the probability and impact of a risk. The risk categories while taking a Qualitative approach