K1.14 Factors involved in threat assessment for the mitigation of threats and vulnerabilities:
• environmental:
o extreme weather
o natural disaster
o humidity
o air quality
• manmade:
o internal:
▪ malicious or inadvertent activity from employees and contractors
o external:
▪ malware
▪ hacking
▪ social engineering
▪ third-party organisations
▪ terrorism
• technological:
o technology failures and faults:
▪ misconfigured devices
▪ disk failure/corruption
▪ component failure
▪ power issues
▪ network dropouts
▪ inaccessible systems
▪ virtual private network (VPN) not connecting
▪ unresponsive systems
o device failures and faults (for example laptops, desktops, servers):
▪ hard disk failure
▪ random access memory (RAM) failure
▪ damaged peripherals
▪ device incorrectly configured
▪ additional card implementation (for example network interface card (NIC), graphics)
▪ server back-up set-up
o system failures and faults:
▪ firewall settings
▪ software breakages/corruption
▪ redundant array of independent disks (RAID) failure
o impact of technical change:
▪ potential downtime
▪ requirement for system or software upgrades
▪ misconfigured systems
• political:
o changes or amendments in legislation
Links to Learning Outcomes |
Links to Assessment criteria |
|
|---|---|---|