Assignment_2
docx
keyboard_arrow_up
School
University of Louisiana, Lafayette *
*We aren’t endorsed by this school
Course
590
Subject
Information Systems
Date
Dec 6, 2023
Type
docx
Pages
4
Uploaded by MinisterJellyfishPerson3719
Adebusola Adewole c00448223
Assignment 2
o
On time
Qualitative
:
The risk is unlikely to occur (low) assuming the network
expansion project goes as planned and services are delivered. This also
they have hired a new network administrator and are compliant with
FISMA laws.
Quantitative
: If the project is completed on time with all the security
requirements there will be no loss of money.
o
One month early
Qualitative
: risk is low if assuming all the services have been delivered
with the necessary security requirements.
Quantitative
: no loss of money of assuming all the security requirement
have been delivered and there is no breach of contract, they will be paid
the full $20 million.
o
Two months late
Qualitative
: There’s a high chance that the risk will occur since the project
is late. The impact of not completing the project on time will be
detrimental. In addition to the security threats, there are also high risks
associated with lack of compliance with FISMA. They were also probably
not able to hire the new network administrator.
Quantitative
: This will lead to a 4 % deduction from the $20 million that
was meant to be paid. Therefore, the quantitative risk associated with
delivering the project two months late is $800,000
2.
Estimate the qualitative and quantitative risks of bringing the project to
completion:
o
On time, but not with the required security
Qualitative
: The risk will be high because the impact of a security attack
would have serious impacts since the required security was not
implemented.
Quantitative
: This will lead to loss of funds both to the company and the
US government. This means they’re breaching the term of their contract.
The quantitative risks here is $20,000,000 million in addition to the
potential $80 million they could have earned from successfully from
executing the contract.
o
One month early with the required security requirements
Qualitative
: The risk will be low risk since the security requirements were
implemented. This also means that there are no active threats if any
attack occurs it won’t have any impact.
Quantitative
: Since they are early and security requirements have been
implemented there will be no loss of funds
o
Two months late, without the required security requirements
Qualitative
: The risk will high. This means that there could be active
threats and a higher likelihood that a potential attack would have serious
impacts.
Quantitative
: The value of the project is worth $3 million. The single loss
expectancy from one of the risks becoming an incident is $3 million USD
to the government. Whereas to the company it is $100 million dollars since
that at stake since they could not fully deliver the project.
3.
Estimate the qualitative and quantitative risks of bringing the project to
completion on time, with the required security requirements, within/on
budget, but not meeting the required contractual commitment for service.
Qualitative: The risk level is medium. If they did not meet the required contractual
agreement, it means that the specified quality parameters were not met and were
below
-1.5%
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Quantitative: A breach of contract has occurred and this means they have they
will lose their potential earnings of $100 million.
References
·
Managing Risk in Information Systems, 3rd Edition, by Darril Gibson and Andy
Igonor, Jones & Bartlett Learning, LLC (2022), ISBN: 9781284193640