risk management

1. Is the signal energy mechanical or electromagnetic? Sound energy is mechanical and radio frequency/microwave and optical/laser transmissions are electromagnetic.

2. What is the signal carrier frequency and bandwidth? The bandwidth of speech ranges from 20 Hz to 20 KHz but radio frequency transmitter frequencies can vary tremendously depending on the device. The power of the radiated signal is an important factor in estimating vulnerability to unauthorized signal detection that potentially leads to information loss.

3. What are the intervening materials between the signal source and the receive location? Recognize that signals often take multiple indirect routes in arriving at a destination. Understanding the effect of materials as a function of signal frequency will enhance the accuracy of estimates of the vulnerability component of risk.

There are different levels of clearance that individuals are subject to depending on the nature, sensitivity, and duration of access to information, assets and personnel.

Basic Check
These are not formal security clearances. A basic check (BC) provides only a basic level of assurance about the trustworthiness and integrity of individuals whose work may involve access to CONFIDENTIAL assets or information. For individuals who will definitely be working with protectively marked data, a higher clearance is usually sought. The check is carried out by reviewing official identity documents and sometimes references. The goal of a BC is to verify the following:
- Identity
- Signature
- Address
- Employment history
- Education.

Counter-Terrorism Check

IT Security Plan Template

Download Free IT Security Plan Template

A. APPLICATION/SYSTEM IDENTIFICATION

A.1 Application/System Category
- Indicate whether the application/system is a Major Application or a General Support System.
- A Major Application is "an application that requires special attention to security due to the risk and magnitude of the harm resulting from the loss, misuse, or unauthorized access to or modification of the information in the application."
- A General Support System is an "interconnected set of information resources under the same direct management control which shares common functionality. A system normally includes hardware, software, information, data, applications, communications, and people."

All user accounts in use within organization should be domain accounts and not local accounts held on each workstation's local user account database. The benefit of implementing standard user naming convention are:

1. Enable administrator of the domain to better manage, support and secure the user accounts.
2. Facilitate ease of management and support

Download Free Risk Register Template for IT & Project Management

1. BASIC RISK INFORMATION
Risk Number: Provide a unique identifier for risk

Risk Description / Risk Event Statement: A risk event statement states (i) what might happen in the future and (ii) its possible impact on the project. "Weather" is not a risk event statement. "Bad weather may delay the project" is a risk event statement.

Responsible: Name or title of team member responsible for risk

Date Reported