Risk is the effect of an event or series of events that take place in one or several locations.
The mitigation plan is to ensure what actions or steps to take when a risk were to occur. If the company were to experience risk such as fire, users outages, remote access, opening unknown e-mail attachment or have equipment failure, the mitigation plan will let you know what assets of the company will be affected and how valuable it is to the company and also how to mitigate the risk. The mitigation plan includes a cost benefit analysis to evaluate the cost of a risk towards the company, whether to eliminate the risk or ignore it; this will ensure the organization of eliminating the risk and or accepting the risk to be cost effective. When developing a mitigation plan the company must consider the cost to implement countermeasures, the time to implement the countermeasures and the operational impact of the countermeasures.
Cost
The company must purchase many of the countermeasures that the company will implement, which can include initial purchase cost, facility cost, installation cost, and training cost. * The cost of the initial purchase is the retail price of the product such as a router or server. * The cost of the facility can include space, power, and air conditioning, if not identify it can cause problems and affect the cost benefit analysis. * Installation cost, if not done by a professional it can cause more expenses to the company. * Training cost, hire a trainer to train the employees
Time
* When implementing countermeasures time can vary from days, weeks or months
Operational
* Securing your network with strong firewall security, enable logging, strong password, and security policies.
The risk will be categorized into three levels; High, Medium, and Low.
High category
Risks that are placed in this category are highly affective and it is capable of damaging the infrastructure and shutting down the network. They are treated as a major priority. Also the assets are highly valuable.
Medium category
Risks that are placed in this category undergo deep intense brainstorming and research because if they are not treated as a priority, it has the ability to become highly affective. With these risk, the