Recent orders

Class 607 Discussion

Class 607 Discussion 3

Author’s Name

Institutional Affiliation

Class 607 Discussion 3

The readings from Anderson et al. (2011), Hillson and Hulett (2004), IEC (2009) and PQRI (n.d) present essential insights into risk assessment. For instance, IEC (2009) presents a diagrammatic representation of the steps and phases to be considered in the risk assessment processes. After reading these materials and looking back to my initial risk assessment for day-long canoeing down Delaware River, I realized that the only part of the risk assessment process as provided by IEC (2009), which I overlooked in my first risk assessment, was the risk analysis stage. From my initial risk assessment, it is clear that I covered all the other three stages of the process, namely, risk identification, risk evaluation, and risk treatment, but I did not cover risk analysis. From what I understand from the readings, risks analysis entails considering the causes of risks, sources of risks, and their consequences, which are reflected in updated risk assessment.

In my initial assessment, I delineated risk treatment for each risk. Some different ways to treat risks that were not covered in this assessment could include but not limited to providing directorate’s mandatory procedures, a prior inspection of canoeing locations on the river for potential hazards, availing first aid equipment, and supervising the pacing and rest stops of canoeing participants. Different ways of treating risk in other scenarios beyond the canoeing exercise include risk acceptance, avoidance, transfer, mitigation, and retention. Lastly, an organization’s risk appetite is determined by the company’s risk attitude and risk capacity (Anderson et al., 2011). While risk attitude is the enterprise’s approach to handling risk, which can entail a risk-seeking or risk-averse approach, risk capacity refers to the amount of risk the enterprise can bear.

References

Anderson, R., Aujla, B., Clatworthy, G., Garrini, R., Galileo, S., Hopkin, P., …, & Williams, C. (2011). Guidance paper: Risk appetite and tolerance. London. Institute of Risk Management.

Hillson, D. A., & Hulett, D. T. (2004). Assessing risk probability: Alternative approaches. In Proceedings of PMI Global Congress (pp. 1-5).

International Electrotechnical Commission [IEC]. (2009). Risk management – Risk assessment techniques. International Standard. IEC.

Product Quality Research Institute [PQRI]. (n.d). Hazard & Operability Analysis (HAZOP). In Manufacturing Technology Committee – Risk Management Working Group: Risk Management Training Guides. Product Quality Research Institute (PQRI).

Class 607 Discussion 3

Class 607 Discussion 3

Author’s Name

Institutional Affiliation

Class 481 Discussion

Efforts should be made to balance safety and privacy by ensuring that intelligence gathering strategies for national threat investigations are balanced against citizen privacy rights (Holt, Bossler, & Seigfried-Spellar, 2017). Difficulties in maintaining such a balance were apparent in Edward Snowden’s revelations regarding information collection processes adopted by GCHQ and NSA, raising questions whether Snowden was a hero or a traitor. From a critical outlook, Snowden is both a traitor who undermined ethical aspects of national security and a hero protecting individual privacy rights for several reasons.

On the one hand, Snowden is a traitor for three reasons. Firstly, he adopted questionable approaches to leak the information on Karma Police and classified NSA documents. Rather than utilizing ethical and legal avenues for patriotic whistleblowing, Snowden delivered information to foreign journalists, encumbering them the tasking role of deciding which of the documents he had stolen should reach the public and which should be treated as confidential. Secondly, he was not willing to face the consequences of his actions. If Snowden was genuine and believed that his actions were honorable, he would not have escaped away from the U.S. but would have confidently remained there to bear the consequences. Lastly, Snowden damaged his country’s foreign relations because most of the information he leaked related to the United States espionage on foreign operations in other countries (Holt, Bossler, & Seigfried-Spellar, 2017).

Conversely, Snowden is a hero for three reasons. Firstly, his revelations of illegal U.S. government’s activities sparked a global discourse regarding surveillance, which prompted the government to change its laws towards superior protection of Americans’ right to privacy (Holt, Bossler, & Seigfried-Spellar, 2017). Secondly, he demonstrated some sense of responsibility by revealing information about illegal practices and not U.S. military intelligence and diplomatic conversations. Lastly, Snowden paid an immense price in defending citizens’ liberty in that he risked his freedom to reveal how the U.S. government was jeopardizing their civil liberties.

References

Holt, T. J., Bossler, A. M., & Seigfried-Spellar, K. C. (2017). Cybercrime and digital forensics: An introduction. Routledge.

Class 607 Discussion 1

Class 607 Discussion 1

Author’s Name

Institutional Affiliation

Class 607 Discussion 1

The role of a private industry security officer entails enhancing the company’s capability to meet security requirements, ensuring compliance with industry security these prerequisites, and being accountable for contract security programs. So, the roles of the officer include protecting and safeguarding organizational property and people from criminal activities, monitoring areas continually for security, reporting incidences of insecurity, instructing security personnel on security engagements, and maintaining organizational security clearances. Also, the private industry security officer secures assets and information, conducts security briefings and drills, raises security awareness, and updates and upgrades individual security reliability statuses. The role of a chief security officer in the development of a business continuity plan for a corporation involves ensuring data protection, conducting due diligence of dealers, facilitating compliance management, addressing security risks, and integrating risk mitigation strategies (Wackrow, 2017).

The evolving threats and security priorities that are of greater concerns to private industry security professionals than to public security professionals are business intelligence, digital information security and cybersecurity, functional threat intelligence, identity management, and security information and event management (SIEM) as suggested by Fruhlinger (2018). In the last 20 years, the role of the chief security officer has evolved to become a mission-critical business service spanning broad risk areas that range from vendor due diligence and data protection to business continuity regulatory prerequisites, addressing the ever-changing security risk landscape, and managing compliance (Wackrow, 2017). The integration of security in business operations impacts the skills, knowledge, and traits needed to be an effective chief security officer in two ways. Firstly, such integration necessitates a CSO to be endowed with technical skills in information technology, along with the knowledge of comprehending the relationship between information technology security strategy and business strategy (Karana, 2017). Secondly, the integration impacts a CSO’s traits and skills by requiring them to be an effective strategist with sound collaboration, negotiation, and communication skills, strategy formulation and execution competencies, and change management capabilities (Onibere, Ahmad, & Maynard, 2017).

References

Fruhlinger, J. (May 8, 2018). What is a CSO? Understanding the critical chief security officer role. IDG Communications, Inc. Retrieved January 14, 2020, from https://www.csoonline.com/article/2122505/what-is-a-cso-understanding-the-critical-chief-security-officer-role.html.

Karanja, E. (2017). The role of the chief information security officer in the management of IT security. Information & Computer Security, 25(3), 300-329.

Onibere, M., Ahmad, A., & Maynard, S. B. (2017, July). The chief information security officer and the five dimensions of a strategist. In PACIS (p. 77).

Wackrow, J. (2017). The evolving role of the chief security officer. IDG Communications, Inc. Retrieved January 14, 2020, from https://www.csoonline.com/article/3173067/the-evolving-role-of-the-chief-security-officer.html.