COBIT P09 defines 6 control objectives for assessing and managing IT risk within four
different focus areas. Explain COBIT P09’s purpose and describe COBIT P09.1 IT Risk
Management Framework control objectives. Make sure to explain Why is it important
to assess risk impact from four different perspectives as part of the COBIT P.09
Framework? (3.5 marks)
- Risk assessment is one step of risk management process. There are different ways to
preform risk assessment such as: Mehari, Magerit, NIST800-30 and Microsoft’s Security
Management Guide. Search of any three risk assessment approaches, write a short
description of each and compare between the three approaches you chose (3.5 marks) - The dynamic spread of COVID-19 and the uncertain developments ahead are causing
difficult times. As well as its effect on people, the coronavirus is rapidly disrupting
business and consumer activity in the affected areas and beyond. Think of the different
scenarios of how new risks are rising in business due to the pandemic. What do you
think are the new risk to business that can be associated with COVID-19 and how can
those risks be mitigated? (3marks)
Sample Solution
