0% found this document useful (0 votes)
24 views19 pages

RAA 20CSU124 Report

The document identifies various categories of assets for a university including technical, financial, infrastructure, management, and miscellaneous assets. It then lists vulnerabilities and threats across these different asset categories, including network vulnerabilities, physical security issues, reputational risks, and more. The types of risks are also categorized as operational, strategic, financial, and reputational risks.

Uploaded by

arsh20csu286
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
24 views19 pages

RAA 20CSU124 Report

The document identifies various categories of assets for a university including technical, financial, infrastructure, management, and miscellaneous assets. It then lists vulnerabilities and threats across these different asset categories, including network vulnerabilities, physical security issues, reputational risks, and more. The types of risks are also categorized as operational, strategic, financial, and reputational risks.

Uploaded by

arsh20csu286
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
You are on page 1/ 19

Category Assets

Technical Servers
Routers/Hub/Switch
Erp/Lms/Canvas
Wifi
Projector's
Pc's
WorkStation
CCTV Station
Biometric machine
Cloud

Financial Funds for projects


Scholarships provided
Students' fee
Equity
Insurance expenses
Investment funds by investors
Placement packages
Salaries of staff
Bank tie ups

Infrastructure Building
Ground
Parking
Café
Workshop
Electricity
Glass
Solar Infra
EV Charging facility

Management Tie-ups with international universities


Campus to corporate relations
Alumini enagements
Placement CELL
Student exchange programs
Professional skill development courses
Faculty
Domestic helpers
Security team

Miscellaneous Placement
Reputation
Libraray Books
Cultural Activities
Research Work
Academics
NCU Vulnerability Report

Vulnerability

Lack Of authentication
Credintials
Weak Encryption
Disable the features
Weak passward
Anyone enter less security
Jamming
Could be destroyed
No Backup

Evaluation by an average person, using given funds for corruption


Based on caste/reservation and not intelligence
Frequently increasing fees, extra charges on every small thing
Too many shareholders
Too many insurances given to higher management people
Misusing funds for personal gains by any management staff
Poor performance in interviews, lack of knowledge / preparation by management
No upraisals provided for long periods, rude and unempathetic towards staff
Change in owner/ceo of the bank or in policies of bank, ransomware attacks

Weak Foundation
Access Points
Access Points
Unsatisfication of food
Malfunctioning of machines
Short Circuit
Breakable glass
Monsoon Season/damage
Over Heating

Miscommunication , unstructured foreign currency


Missing professionalism,
Lack of communication, lack of incentives
Bad company relations
No scholarships, unstructured plan of programme
High course fee, ignorant faculty
Disrespect by management/students
Low wages, extra workload
Unalert, unloyal

Low Salary Package


Not Following UGC Guidelines
Damage
Not enough Activities in College
Not Funding Scholars For reaserach Work
Bad Performance
NCU Vulnerability Report

Threat Types of Assets

Cease Of Operation Intangible


Spoofing Tangible
Leak Of Sensitive Data Tangible
Credintial Loss Tangible
Not working Tangible
Phishing Attack Tangible
Damage Tangible
Physical Security Tangible
Physical Security Tangible
Loss of data Intangible

Good projects are undermined and random students get selected Tangible
Potential of students is sealed Tangible
Fall in number of admissions, bad reputation Tangible
All will take independent decisions causing a chaos Tangible
Wastage of Funds/Fee, Hampered development of organization Tangible
Lack of funds for other important developments in the institute Tangible
Degradation of package range Tangible
Loss of good quality faculty Tangible
Loss of money, Corporate espionage Intangible

Earthquake Tangible
Damage Tangible
Damage Of Vehicles Tangible
food poisioning Tangible
Injury caused to the person working on the machine Tangible
Lead to fire InTangible
glass can break easily InTangible
Doesn't Provide Electricity InTangible
Lead to fire Tangible

Broken bonds Intangible


Reputation of University Intangible
No alumini visits, seminars, experiences for upcoming students Intangible
Hampered Placements Intangible
Reputation of University Intangible
Not affordable Intangible
Tangible
Issues in infrastructure Maintainence Tangible
Students involved in fights, Bad behaviour Tangible

No Jobs Tangible
Affliation revoked Intangible
Stolen Tangible
Students does not grow apart from academics Tangible
less Research Activities in University Intangible
Reputation Intangible
Types of vulnerabilty Type of Threat

Network Accidental Threats, Structural Threats


Physical Accidental Threats, Structural Threats
Logical Accidental Threats, Structural Threats
Network Accidental Threats, Structural Threats
Network Accidental Threats, Structural Threats
Network Accidental Threats, Structural Threats
Physical Accidental Threats, Structural Threats
Physical Accidental Threats, Structural Threats
Physical Accidental Threats, Structural Threats
logical Accidental Threats, Structural Threats

Physical Adversial Threats,


Physical Adversial Threats,
Physical Adversial Threats,
Physical Adversial Threats,
Physical Adversial Threats,
Physical Structural Threats
Physical Structural Threats
Physical Structural Threats
Logical Adversial Threats, Structural Threats

Physical Environmental Threats


Physical Adversial, Structural Threats
Physical Accidental Threats
Physical Adversial Threats
Physical Structural Threats
logical Structural Threats
Physical Structural Threats
Physical Environmental Threats
Physical Environmental Threats

Logical Adversial Threats


Logical Adversial Threats
Logical Adversial Threats
Logical Adversial Threats
Logical Adversial Threats
Logical Adversial Threats
Physical
Physical Adversial Threats
Physical Adversial Threats

Logical Adversial Threats


Logical Adversial Threats
Physical Adversial Threats,Accidental Threats
Logical Adversial Threats
Logical Adversial Threats
Logical Adversial Threats
Types of Risk

Operational Risk
Operational Risk
Operational Risk
Operational Risk
Operational Risk
Operational Risk
Operational Risk
Operational Risk
Operational Risk
Operational Risk

Strategic Risk,Other Risk


Strategic Risk,Reputational Risk
Strategic Risk,Reputational Risk
Strategic Risk,Reputational Risk
Financial Risk,Reputational Risk
Strategic Risk,Reputational Risk
Strategic Risk,Reputational Risk
Strategic Risk,Reputational Risk
Financial Risk,Reputational Risk

Operational Risk,Financial Risk


Operational Risk
Operational Risk
Operational Risk,Reputational Risk
Operational Risk,Financial Risk
Operational Risk,Financial Risk
Operational Risk,Financial Risk
Operational Risk,Financial Risk
Operational Risk,Financial Risk

Reputational Risk
Reputational Risk
Reputational Risk,Financial Risk
Reputational Risk
Reputational Risk
Reputational Risk,Financial Risk
Reputational Risk
Reputational Risk
Reputational Risk

Reputational Risk
Reputational Risk,Strategic Risk
Reputational Risk,Financial Risk
Reputational Risk
Reputational Risk
Reputational Risk
Vulnerability Report on ABC

CATEGORY ASSETS Vulnerability

server hardware server crash


physical damage to server

electronic devices voltage fluctuations


physical damage
outdated software
Technical softwares purchased
account security lacking in softwares
e-commerce site bad user interface
e-commerce application accessability issues
availability issues
payment gateway / prone to bugs
collaboration lacking in security

buildings
recreation areas lack of security
unsecured belongings
cateferias

inadequate furniture
furniture less appropriate desks and chairs
Infrastructure
washrooms lack of cleanliness and hygiene
lack of maintainance

no surveillance attendant
security and control rooms no security enforcement

security locks / biometric strength of locks low


entrance bypassable biometric machine

security equipment equipment left loose

Security firewalls bypasses in firewall

antivirus expired antivirus purchase


antivirus not up to date
IDPS lack of security

fraud / fake account detection less accuracy of detection

work from home policies


loopholes in policies
management policies missing some test / use cases
not properly defined purpose scope and
responsibilities

Manegerial
loopholes in policies
missing some test / use cases
not properly defined purpose scope and
office policies responsibilities

Manegerial software and device use


guidelines insufficient guidelines

employee training / intern training not done as often


training intern training insufficient

clothing passed trends


bad quality clothing
accessories lack of sizes and categories

electronics malfunctioning electronics

health and wellness expired medicines


Product Types bad quality of products
out of date groceries
grocery spoiling fruits / vegetables / fresh
products
personal care / beauty
sports and fitness bad quality products
not enough variety
other items / miscellaneous

developers and coders Lack of secure coding practises

testing team lack of a different perspective


not sufficiently qualified team
management team not enough experienced team
finance team lack of expertise
higher management / miscalculation / wrong decisions
authorities
Human
Resources lack of empathy
customer service team use of impolite / bad language
not able to handle tricky situations

sites and applications not securely


coded
cybersecurity team security standards not met
security protocols not followed

shipping staff delay in delivery


misconduct with customer

investments and stocks variability in stock market


other profiles of company (eg: lack of promotion of other profiles
video streaming platforms) too many other profiles

Finance disinterest of stockholders


stockholders not taking apporval of stock holders

revenue profits bad reviews of products


bad user interface
Vulnerability Report on ABC Company

Threats TYPE OF ASSETS TYPE OF VULNERABILITY TYPE OF RISK

can take site offline for long time causing Tangible network financial risk
financial loss logical reputational risk

damage to electronic devices Tangible physical operational risk

software piracy issues Tangible physical compliance risk

Tangible
defacement Tangible
spoiling reputation logical reputational risk
Tangible

Tangible
damage to property Tangible physical financial risk
theft
Tangible
health risk
back problems Tangible physical operation risk
workspace problems
employee dissatisfaction Tangible physical health risk
health issues logical

accidents
misuse of physical and intellectual operation risk
property Tangible physical compliance risk
illegal activities

will cause the infrastructure and human physical financial risk


resource to be prone to theft damage Tangible logical
and physical harm

security equipment can be misused to operational risk


cause physical harm to human rescource Tangible physical health risk
and infrastructure

InTangible

can lead to systems being hacked InTangible


would make company prone to cyber network compliance risk
attacks operation risk
InTangible

Tangible

Intangible
employees / customers can take Intangible reputational risk
misadvantage of loopholes in policies logical compliance risk
can tage legal action towards company financial risk
employees / customers can take reputational risk
misadvantage of loopholes in policies logical compliance risk
can tage legal action towards company Intangible financial risk

can cause employees to perform wrong


actions potentially causing losses Intangible logical financial risk

can decrease value of employees strategic risk


can cause inefficency of work due to lack Intangible logical compliance risk
of training

customers looking for fast fashion trends Tangible


might switch to other platforms logical reputational risk
can cause reputational loss because of
lack of inclusivity Tangible

Tangible

Tangible
customers would not be satisfied with
the products
bad reviews Tangible logical reputational risk
reputation can be ruined both the
manufacturers and the company's
Tangible
Tangible
Tangible

can lead to vulnerabilities in software Intangible network compliance risk


and website operational risk

can cause decrease in accuracy of testing Intangible logical compliance risk


operational risk
Intangible
can cause financial losses due to lack in Intangible
logical financial risk
judgement
Intangible

can decrease reputation of company and


loss of customers Intangible logical reputational risk

can lead to data and information loss network


reputation loss Intangible logical reputational risk

Intangible

unintentional Tangible variability can cause logical


company to lose money
having other profiles can
structural Intangible distract from focussing on e logical
commerce and lead to losses

stockholders may back out if


human errors they lose interest or if
unintentional Tangible policies are not approved by logical
adversarial them

company might face losses if


unintentional Intangible there are bad reviews on logical
their products as customers
will shift to other companies
TYPE OF THREAT

Structural Threats

accidental threat

Structural Threats

Structural Threats

environmental threats

environmental threats

Structural Threats

organisational deficits
accidental

accidental

accidental
adversarial

human errors

organisational deficits

technical failures
human errors
technical failures
human errors

technical failures

organisational deficit

unintentional
organisational deficits

accidental
organisational deficits
human errors

accidental

organisational deficit
accidental

technical failures

human errors
adversarial

organisational deficits

technical failures

financial risk
financial risk

financial risk
reputational risk

financial risk
reputational risk

You might also like