Assets under the risk

Anything which is value for the company is considered as assets. In the IT realm, it can be a
system which runs on the software or the human resources who handle the system. In the
organization, there are different types of assets. As a given case study, the organization facing
threats in physical resources (Thekdi & Aven, 2016). The main assets of the company are IT
systems, computer networks, database, administration and network infrastructure in addition,
computers, hardware, storage devices, interchange, transmission, and printers. All these are
considered as IT assets.
Reason for threats
The physical security is the main aspects of IT. The organization needs to pay attention to the
different types of threats and security lacks in the infrastructure. The IT infrastructure of the firm
is very vulnerable as it consists of different types of networks, devices, and transmissions. Thus,
the company needs to pay attention to the root causes of all these problems.
In information technology, there are several threats available. The infrastructure threats are
related to the physical threats of IT departments. There are many reasons for the availability of
such threats in the system which is given below.
unattended assets and area
The main reason for available of physical threats in the organization is the lack of unattended
assets and area. In the IT infrastructure, the organization needs to pay attention to all the assets
which are associated with firms (Li, Ren & Wang, 2016) The committee needs to ensure that all
assets in the firm must have been secured from all types of an infrastructure problem.
Electrical threat
This type of threats is also available in the system. The main reason for such types of threats is
due to an insufficient supply of voltage in the system. When the organizations failed to maintain
the power supply at the workplace than such type of errors can be occurred.
Hardware Threats
Another threat in the system is related to physical damage of switches or servers. When the
routers or the switchers in the hardware are incompetent to perform their jobs or any type of the
physical errors comes at that time such type of threats cab occurs.
Impact of threats
The physical infrastructure of IT is sensitive. These threats impact on the firm’s information
storage and their business strategy. Following are the main impact of the IT threats on business.
 If any type of infrastructure threats occur than information of a company can be stolen
by other people. Information plays a critical role in IT. The organization collects
information to their daily transaction and also from the customers. This information can
also be related to business operations. Therefore, these threats impact on the information
vulnerability in the company.
 Another impact is related to political or economic exploitation. The information which
is theft or stolen by any individuals due to the infrastructure damage than it will political
advantage can be taken. Other organizations, for gaining the competitive advantage can
use such information. Employees or managers who are associated with the system can be
threatening. In addition, sometimes fraud people can also ask for monetary benefits.
Information collected by the company is can be related to any stakeholder in the n
addition, this information also is related to the finance of the firms (Wangen, 2017).
Thus, information theft by the person can be asked to make payments. Therefore, the
organization needs to pay attention to the financial information collected in the database.
 Infrastructure threats are also associated with unauthorized access. The organization
needs to make sure to provide authentic access to information and data. The physical
damage in the infrastructure can provide a chance to individuals for accessing the wrong
unauthorized access over the network and hardware. Due to this problem, the firms can
lose their data from the network. Thus, firm need to limit the access of network in the
firm.
 The assets in the IT are checked or inspected by individuals or respected team members.
Therefore, if the physical infrastructure in the company found damage in the
organizations than employees can be assaulted. For example, if any damage occurred as
Electrical threat occurred than the employee’s health can also be damaged.

Description of the risk assessment

Risk assessment refers to describe an overall method of the process that identifies hazard and
risk factors with portent responsibility in causing harm. It is liable to help in evaluating and
analyzing the possible hazards based on risk evaluation and risk analysis. In the context of
physical hazards take place in the IT systems, it is extensively necessary to acknowledge a risk
assessment in order to determine the removal of possible threats including electrical threats,
hardware threats, and human error threats. In the risk assessment process, the parameters of risks
are classified as high, medium and low considering the impacts and possible outcomes.

In the process of the risk assessment for electrical threats include three fundamental steps.
Firstly, it needs to assess the contact with the live parts in order to prevent any possibility of
causing shock or burns. In addition, the faults causing fires are also required to be assessed
properly. Eventually, this process needs to assess the electrical support in case it is the source of
ignition for paws potentially explosive atmosphere. For the purpose of ensuring safety from
electrical hazards, certain measurements are required to be considered. The maintenance in this
context includes observation on the connector or plug that they should not be damaged along
with the cable that needs to be repaired properly followed by the internal wires. This assessment
process also suggests the stains or burn marks to be present in the time of crisis.

It is always required to assess the penetration testing techniques in IT system to reduce or

remove hardware related threats, as It is liable to prepare the vulnerability database even for the
future instances. It is also supposed to help in maintaining the response teams for the computer
operation process along with the maintenance of audit reports situation of hardware deficiency
crisis. It enables the IT system to continue with proper communication channels with proper
maintenance of the monitoring process. Furthermore, assessing the physical infrastructure along
with efficient observation on the maintenance of the health and other needs of the employees can
also be effective in determining sustainability without difficulties related to human-error related
threats.
Reference

Thekdi, S., & Aven, T. (2016). An enhanced data-analytic framework for integrating risk
management and performance management. Reliability Engineering & System
Safety, 156, 277-287.

Li, C., Ren, J., & Wang, H. (2016). A system dynamics simulation model of chemical supply
chain transportation risk management systems. Computers & Chemical Engineering, 89,
71-83.

Wangen, G. (2017). Information security risk assessment: a method

comparison. Computer, 50(4), 52-61.