FIPS PUB 191
The ultimate goal of effective overall LAN security may not be met if strong team leadership
is not in place from the beginning. For example, organizations that lack strong centralized
management of the LAN may have a difficult time assessing needs in any hierarchical manner,
since each local manager or application owner may view his needs as a priority over other local
managers and application owners, regardless of what the risk analysis results indicate.
Initially, those within the organization charged with performing the risk analysis need to make
some determination regarding the proposed scope and boundary of the risk analysis. With this
information, the necessary participants in the risk process can be chosen.
3.3 Elements of Risk Management
Operation of a LAN involves risk. The term risk management is commonly used to define the
process of determining risk, applying controls to reduce the risk, and then determining if the
residual risk is acceptable.
Risk management supports two goals: measuring risk (risk assessment) and selecting appropriate
controls that will reduce risk to an acceptable level (risk mitigation).
Issues that should be addressed when assessing LAN security include:
1. Assets - What should be protected?
2. Threats - From what do the assets need protection and what is the likelihood that a threat will
occur?
3. Impacts - What are the immediate damages if the threat is realized (e.g. disclosure of
information, modification of data)?
4. Consequences - What are the long-term effects of the threat being realized (e.g. damage to
reputation of organization, loss of business)?
5. Controls - What are the effective security measures (security services and mechanisms) needed
to protect the assets?
6. Risk - After implementation of the security controls, is the remaining risk acceptable?
The goal of risk assessment is to determine the risk to the LAN. The risk assessment process
is conducted in two steps. The first step defines the boundary of the environment, determines
the scope of the assessment and selects the appropriate methodology to use. In step two the risk
analysis is conducted. The risk analysis can be broken down into asset identification, threat and
vulnerability identification, likelihood assessment, and risk measure.
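The six questions above and the risk-analysis steps (asset identification, threat identification, likelihood assessment, risk measure, then mitigation and the residual-risk check) can be walked through on a small constructed LAN risk register. This is an added example, not material from FIPS PUB 191; the 1-to-5 scales, the multiplicative risk measure, and the threshold for "acceptable" are assumptions chosen for illustration, and the assets, threats and controls are constructed sample data.

```python
from dataclasses import dataclass, field

# Assumed scoring for this example only: risk = likelihood x impact, each on a 1..5 scale.
# FIPS 191 does not prescribe these scales or this formula.

@dataclass
class Threat:
    name: str
    likelihood: int   # 1 (rare) .. 5 (frequent): how likely the threat is to occur
    impact: int       # 1 (negligible) .. 5 (severe): immediate damage if realised

@dataclass
class Control:
    name: str
    reduces_likelihood: int = 0   # points taken off the threat's likelihood
    reduces_impact: int = 0       # points taken off the threat's impact

@dataclass
class Asset:
    name: str
    threats: list = field(default_factory=list)
    controls: dict = field(default_factory=dict)   # threat name -> [Control, ...]

def risk_measure(t: Threat) -> int:
    """Inherent risk before any control is applied."""
    return t.likelihood * t.impact

def residual_risk(t: Threat, controls) -> int:
    """Risk remaining after the listed controls; scales never drop below 1."""
    lik = max(1, t.likelihood - sum(c.reduces_likelihood for c in controls))
    imp = max(1, t.impact - sum(c.reduces_impact for c in controls))
    return lik * imp

def assess(asset: Asset, acceptable: int) -> dict:
    """Return {threat name: (inherent, residual, residual <= acceptable)} for one asset."""
    result = {}
    for t in asset.threats:
        resid = residual_risk(t, asset.controls.get(t.name, []))
        result[t.name] = (risk_measure(t), resid, resid <= acceptable)
    return result

# Constructed sample register: one LAN file server with two threats and their controls.
FILE_SERVER = Asset(
    "file server",
    threats=[Threat("disclosure over unencrypted share", 4, 4),
             Threat("data modification by unauthorised user", 3, 5)],
    controls={
        "disclosure over unencrypted share": [Control("encryption in transit", reduces_likelihood=3)],
        "data modification by unauthorised user": [Control("access control lists", reduces_likelihood=2),
                                                   Control("nightly backups", reduces_impact=2)],
    },
)

if __name__ == "__main__":
    for name, (inherent, resid, ok) in assess(FILE_SERVER, acceptable=3).items():
        print(f"{name}: inherent={inherent} residual={resid} acceptable={ok}")
```

With the assumed threshold of 3, the disclosure threat still shows a residual risk of 4 after encryption, which is the "is the remaining risk acceptable?" question answered with a No and a prompt to select further controls.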
The goal of risk mitigation is to apply effective security controls such that the residual risk to
29