Home > Free Essays > Business > Case Study > Risk Factors in the Sprout Foundation Case
Rate

Risk Factors in the Sprout Foundation Case Essay

Exclusively available on IvyPanda Available only on IvyPanda
Updated: Jan 27th, 2021

The company in question is now facing quite a serious issue, as it needs to switch to a more efficient information system. The major threat source is the fact that the existing system is quite outdated and it cannot include all the necessary operations. The system was developed in 1990 and it cannot process the abundance of information available now. More so, the system is also vulnerable to various security violations due to the appearance of various viruses and programs that are distributed online. This leads to such major threat event as security violations. It has been acknowledged that information security is “both organizational and technological” issue that has to be solved for a company to remain competitive (Alberts & Dorofee 2003, p. 32). Contemporary systems are much more efficient and reliable. The predisposing conditions are the system’s flaws, the company’s operations in different countries, and the fact that employees use personal devices (that are often vulnerable to cyber-attacks).

These factors increase the risk of security violations. The adverse impact will be the disclosure of confidential information, which can have a detrimental effect on the company’s reputation. The loss of data can also be a significant problem. The organizational risk for the company is the damage to its reputation. People will stop trusting the charity and they will donate to other non-profits. This risk should be addressed and a new information system should be utilized. The company’s management should acknowledge the need to identify major risk factors and develop a proper plan to address them (Jordan & Silcock 2006). In this case, it can be enough to use a new system and to provide corporate devices to employees. Of course, the company should consider addressing professionals who can develop an efficient and safe IS rather than rely on start-ups. Additional funds will be necessary (to pay for services and acquire devices for employees) but this is crucial for the proper development of the company.

The NIST SP 800-30 Risk Model can be an effective tool employed for identifying risks. I have read several sources on risk management. Thus, Knight (2010) provides a list of actions that have to be undertaken. The steps suggested are quite detailed but they are somewhat ambiguous and the author does not provide sufficient information on identifying risks. Woody and Alberts (2007) pay more attention to the identification of risks and threats but they fail to provide an efficient framework.

The NIST SP 800-30 Risk Model can be seen as this efficient framework for detecting risks and identifying possible outcomes. For me, it was easy to apply the model to the case study. The case study provides quite detailed information on the matter but it could be challenging to identify risks and especially the outcomes for the company. However, the model provides a set of milestones to pay attention to. I followed the steps and it was easy to identify the threats and understand organizational risks. When working on a report concerning IS/IT, it is important to employ the model, as it will help to explain why the change is important. I believe that the model could help the company’s managers to develop a detailed plan for managing the existing risks. More so, it could help them to make the top management understand that the company needs a new information system, which would respond to the challenges of the non-profit operating in the 21st century.

Reference List

Alberts, C & Dorofee, A 2003, Managing information security risks, Addison Wesley, Boston, MA.

Jordan, E & Silcock, L 2006, Beating IT risks, John Wiley & Sons Australia Ltd., Chichester, UK.

Knight, KW 2010, ‘AS/NZS ISO 31000:2009 – the new standard for managing risk’, Keeping Good Companies, pp. 68-69.

Woody, C & Alberts, C 2007, , Web.

This essay on Risk Factors in the Sprout Foundation Case was written and submitted by your fellow student. You are free to use it for research and reference purposes in order to write your own paper; however, you must cite it accordingly.
Removal Request
If you are the copyright owner of this paper and no longer wish to have your work published on IvyPanda.
Request the removal

Need a custom Essay sample written from scratch by
professional specifically for you?

Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar

certified writers online

Cite This paper
Select a referencing style:

Reference

IvyPanda. (2021, January 27). Risk Factors in the Sprout Foundation Case. Retrieved from https://ivypanda.com/essays/risk-factors-in-the-sprout-foundation-case/

Work Cited

"Risk Factors in the Sprout Foundation Case." IvyPanda, 27 Jan. 2021, ivypanda.com/essays/risk-factors-in-the-sprout-foundation-case/.

1. IvyPanda. "Risk Factors in the Sprout Foundation Case." January 27, 2021. https://ivypanda.com/essays/risk-factors-in-the-sprout-foundation-case/.


Bibliography


IvyPanda. "Risk Factors in the Sprout Foundation Case." January 27, 2021. https://ivypanda.com/essays/risk-factors-in-the-sprout-foundation-case/.

References

IvyPanda. 2021. "Risk Factors in the Sprout Foundation Case." January 27, 2021. https://ivypanda.com/essays/risk-factors-in-the-sprout-foundation-case/.

References

IvyPanda. (2021) 'Risk Factors in the Sprout Foundation Case'. 27 January.

More related papers
Psst... Stuck with your
assignment? 😱
Hellen
Online
Psst... Stuck with your assignment? 😱
Do you need an essay to be done?
What type of assignment 📝 do you need?
How many pages (words) do you need? Let's see if we can help you!