COB 204 Chapter Notes - Chapter 7.4: Antivirus Software

7. 4: what organizations are doing to protect information resources. One of the major responsibilities of any cio is organizing an appropriate defense system for their entire enterprise. Early warning systems are proactive, scanning the web for new viruses and alerting companies of the danger. Risk: the probability that a threat will impact an information resource. Risk management: the goal to identify, control, and minimize the impact of threat. Three processes of risk management: risk analysis a. Implementing controls to prevent identified threats from occurring b. ii. Developing a means of recovery if the threat becomes a reality: there are several risk mitigation strategies that organizations can adopt, the most common strategies are: d. i. Risk acceptance: accept the potential risk, continue operating with no controls and absorb any damages that occur. d. ii. Risk limitation: limit the risk by implementing controls that minimize the impact of the threat. d. iii.