Question: Please assist with discussion questions. Please answer following questions with at least 3 paragraph response. Thank you.
Access control starts first with assessing risks so you can properly identify potential threats and determine how to mitigate those risks.
1. Your CIO has asked you to conduct a risk assessment on a newly acquired division that works on product development and has their own servers that will be joined into the existing network. Describe the steps you would take, including the areas you would assess and the reasoning for your approach. Would you use a qualitative or quantitative approach to this assessment? Justify your reasoning. Are there any external tools or websites that would be useful when conducting an assessment? Share your findings and provide any links to any useful resources you find.
- How do you determine who or what will assume liability for a risk?