IT risk-mitigation plan


In this lab, you will identify the scope for an IT risk-mitigation plan, you will align the plan’s major parts with the seven domains of an IT infrastructure, you will define the risk-mitigation steps, you will define procedures and processes needed to maintain a security baseline for ongoing mitigation, and you will create an outline for an IT risk-mitigation plan.

This is a Theory Lab and does not require the use of a virtual environment.



Sample Solution

While a set of frameworks complement and build on each other, the delineation of the concept focuses heavily on vertical versus horizontal dimensions in a time-sliced fashion. That is, time dimension in accountability has not been of primary importance. However, it is worth noting that the time dimension is closely interrelated with a series of conceptual distinctions made in previous literature, and it may cover complementary aspects of the question concerning two sequential lines represented by administrative responsibility versus political accountability. First, the positioning of accountability actors depends on the time dimension. Civil servants usually have longer terms to serve the public interest over the long term. At the same time, they are responsible to the elected representatives of the public who tend to have “a limited time horizon” and “prefer policies that yield tangible benefits for constituents in the near term” (Posner, 2004: 137). For this reason, the priorities expressed by elected officials may be far more related to short-term issues and temporal problems instead of long-term solutions, whereas the long-lasting forms of civil service personnel would prioritize sustainable solutions to secure a long-term perspective of the citizens, both current and in the future. Second, the time frame is essential to distinguishing between two main streams of accountability. Accountability mechanisms focus predominantly on retroactive accountability for the past outcomes, while accountability as a virtue takes a proactive approach to ensuring ethical behaviors in the future. The timeline is also useful to distinguishing between ex ante accountability of the decision-making process leading up to the decision and ex post accountability where the results available from the decision already taken or where questions of compliance are identified and addressed. In other words, ex ante accountability refers to being accountable for the decision before an administrator act, while ex post accountability is suggestive of situations where administrators are accountable for the outcome of their decisions. For example, the focus of traditional bureaucratic administration is very much