Beruflich Dokumente
Kultur Dokumente
Note : Adjust the appropriate zoom factor to be able to see each complete chart within your screen.
Low Impact
Detailed Risk
Dependency Analysis Not Required Assessment Not
Compulsory
FILL IN THE PARTICULARS OF RESPONDENT AND REVIEWER/APPROVER BELOW (Items 1 to 4 to be filled in Part 1, not here)
1 CNI ENTITY : Lembaga Pelabuhan Johor
2 CNI SUB-ENTITY :
3 ADDRESS WHERE SERVICE IS 4A1-8A1, Pusat Perdagangan Pasir Gudang, Jalan Bandar, 81700 Pasir Gudang, Johor
CENTERED/DELIVERED/ORIGINATED
FROM OR ADDRESS WHERE PRODUCT
IS PRODUCED :
4 SHORT NAME OF SERVICE OR PRODUCT
(GROUP) :
12 TELEPHONE NOS. :
13 FAX NOS. :
14 EMAIL ADDRESS : Signature and Stamp
15 WEBSITE/PORTAL ADDRESS : Date :
16 NAME OF REVIEWER/APPROVER OF
RESPONSE :
17 POSITION :
18 DEPARTMENT/ DIVISION / SECTION
19 /UNIT:
CORRESPONDENCE ADDRESS :
20 TELEPHONE NOS. :
21 FAX NOS. :
22 EMAIL ADDRESS : Signature and Stamp
Date :
SECTION A
SECTION B
* ITEMISE THE CRITICAL SERVICES OR PRODUCTS INCLUDED IN THE DEFINED GROUP, IF THESE CRITICAL SERVICES OR SERVICE OR PRODUCT
PRODUCTS ARE TO BE ADDRESSED AS ONE GROUP (in Section A4 and Section A5 above) IN THE RISK ASSESSMENT. CODE
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
SECTION C
* ITEMISE THE LIST OF SERVICES OR PRODUCTS LOGICALLY IN THE GROUP (in Sections A4 and A5 above) THAT ARE NOT CATEGORISED AS
CRITICAL SERVICES OR PRODUCTS
1
2
3
4
5
6
7
8
9
SECTION D
MAP THE SERVICE OR PRODUCT (GROUP) TO CRITICAL (NON-CYBER) SYSTEMS (IF ANY) AND CRITICAL CYBER SYSTEMS THAT DELIVER/PRODUCE
THE SERVICE OR PRODUCT (GROUP)
1
2
3
4
5
6
7
8
9
10
For each of the following dimensions that may be impacted in the event of the disruption to your critical services or products (group) in
Part 1 , select the appropriate estimated level of impact with a 'Y' in the appropriate impact column.
Note : Do not factor in any dependency on cyber systems at this stage. Just focus on your service or product and the impact of its
disruption.
Very Very
Low Medium High
Dimensions Low High
Impact Impact Impact
Impact Impact
Defense and Security x y x x x
Low Impact
Economy x y x x x
Low Impact
National Image x y x x x
Low Impact
Government Services x y x x x
Low Impact
Explanation on Dimensions
Defense and Security Compromise or weakening of our ability to defend (MAF, APMM) and ensure security (Police etc).
Economy Covers commerce, banking, industrial activity, logistics and transportation including airport and port management, domestic and
international trade, stock exchange etc
National Image
Government Services Online and core government services dependent on ICT like RTD, Immigration, Customs, NRD, e-Procurement, e-SPKB, GFMAS,
SPEKS, SAGA etc
Health and Safety Hospital services, emergency services including ambulance, fire brigade, civil defense, seach and rescue and public safety
You need not respond below as the impact assessment shows that impact is low.
Online Applications x y x x x
Low Dependency
Backend Applications x y x x x
Low Dependency
Databases/Repository x y x x x
Low Dependency
SAN/NAS x y x x x
Low Dependency
Corporate Network x x x y x
High Dependency
Private Network x y x x x
Low Dependency
Internet y x x x x
Very Low Dependency
Remote Services x y x x x
Low Dependency
You need not respond below as the Impact is low or Dependency on Cyber Systems is low.
Very
High Medium Low Very Low
Information Security Dimensions High
Controls Controls Controls Controls
Controls
You need not respond here as the High Level Risk Assessment indicates that risk is low.
PLEASE IGNORE THE TABLE BELOW. YOU NEED NOT FILL IN THE DETAILS IN ROW 11.
Impact to National
Impact to National Impact to Government Impact to Public
SEIGH Dimensions >> TOTAL Defense and Impact to National Economic Strength
Image Capabilities to Function Health and Safety
Security
Immigration Services
Banking and Finance
Investor Perception
Foreign Perception
Citizen Perception
Military Readiness
Foreign Exchange
Police Operations
APMM Operations
Domestic Trade
Health Services
(Weight Averaged)
E-Government
(Rounded Wt Avg)
Public Health
Public Safety
E-Commerce
and Savings
E-Payment
Securities
Totals
Totals
Components of SEIGH Dimensions >>
Impact
Impact
You need not respond here as the High Level Risk Assessment indicates that risk is low.
PLEASE IGNORE THE TABLE BELOW. YOU NEED NOT FILL IN THE DETAILED THREATS-VULNERABILITIES LIKELIHOOD TABLE BELOW.
Likelihood of
Threats Asset Group Overall
Controls/ Safeguards/
Asset Group Asset Name Threats Vulnerabilities Exploiting Likelihood (0 Likelihood (0
Countermeasures
Vulnerabilities to 4) to 4)
(0 to 4)
4
People
Logical Access
Procedures
Perimeter
Protection
Measures
Hardware
10/27/2009 21:54:37 11 24067438.xls (Part 6-Detailed Threat Analysis)
PART 6 : CNII (SUB-)ENTITY'S DETAILED ANALYSIS OF THREATS-VULNERABILITIES-COUNTERMEASURES THAT WILL ASSURE THE DELIVERY OF THEIR CRITICAL
PRODUCTS AND SERVICES
You need not respond here as the High Level Risk Assessment indicates that risk is low.
4
PLEASE IGNORE THE TABLE BELOW. YOU NEED NOT FILL IN THE DETAILED THREATS-VULNERABILITIES LIKELIHOOD TABLE BELOW.
Likelihood of
Threats Asset Group Overall
Controls/ Safeguards/
Asset Group Asset Name Threats Vulnerabilities Exploiting Likelihood (0 Likelihood (0
Countermeasures
Vulnerabilities to 4) to 4)
(0 to 4)
Hardware
Software
Network
Physical Security
Environmental &
Support Systems
10/27/2009 21:54:37 12 24067438.xls (Part 6-Detailed Threat Analysis)
PART 6 : CNII (SUB-)ENTITY'S DETAILED ANALYSIS OF THREATS-VULNERABILITIES-COUNTERMEASURES THAT WILL ASSURE THE DELIVERY OF THEIR CRITICAL
PRODUCTS AND SERVICES
You need not respond here as the High Level Risk Assessment indicates that risk is low.
PLEASE IGNORE THE TABLE BELOW. YOU NEED NOT FILL IN THE DETAILED THREATS-VULNERABILITIES LIKELIHOOD TABLE BELOW.
Likelihood of
Threats Asset Group Overall
Controls/ Safeguards/
Asset Group Asset Name Threats Vulnerabilities Exploiting Likelihood (0 Likelihood (0
Countermeasures
Vulnerabilities to 4) to 4)
(0 to 4)
Environmental &
Support Systems
THIS TABLE IS IGNORED AS THE HIGH LEVEL RISK ASSESSMENT INDICATES THAT RISK IS LOW.
Very Low-0 0 1 2 3 4
Low-1 1 2 3 4 5
Impact of Incident to
Medium-2 2 3 4 5 6
Nation
High-3 3 4 5 6 7
Very High-4 4 5 6 7 8
Low Risk : 0 to 2 Impact rating manually entered (only allowed if rating is 2,3 or 4):
Medium Risk : 3 to 5 Impact from Part 5 (Detailed Impact Analysis): 4
High Risk : 6 to 8 SUMMARY OF DETAILED RISK ANALYSIS FOR :
The following features in this workbook are not supported by earlier versions of
Excel. These features may be lost or degraded when you save this workbook in
an earlier file format.
Some cells have more conditional formats than are supported by the selected
file format. Only the first three conditions will be displayed in earlier versions of
Excel.
Some cells have overlapping conditional formatting ranges. Earlier versions of
Excel will not evaluate all of the conditional formatting rules on the overlapping
cells. The overlapping cells will show different conditional formatting.
Some cells contain conditional formatting with the 'Stop if True' option cleared.
Earlier versions of Excel do not recognize this option and will stop after the first
true condition.
Some cells or styles in this workbook contain formatting that is not supported by
the selected file format. These formats will be converted to the closest format
available.
# of occurrences
29
'Part 2 - HL Impact'!G7:G12
'Part 2 - HL Impact'!S7:S9
'Part 3 - HL Dependency'!G9:G17
'Part 3 - HL Dependency'!R9:R11
'Part 3 - HL Dependency'!S9
'Part 3 - HL Dependency'!R13:S14
'Part 4 - HL Controls'!G9:G20
'Part 4 - HL Controls'!R9:R11
'Part 4 - HL Controls'!S9
'Part 4 - HL Controls'!R13:S14
'Part 5-Detailed Impact Analysis'!AF15:AF17
22
'Part 2 - HL Impact'!S13:S14
'Part 3 - HL Dependency'!R15:R16
'Part 4 - HL Controls'!R15:R16
24
'Part 2 - HL Impact'!B7:F11
'Part 2 - HL Impact'!G7:G14
'Part 3 - HL Dependency'!B9:G17
'Part 3 - HL Dependency'!G19:G20
'Part 4 - HL Controls'!B9:G20
'Part 4 - HL Controls'!G22:G23
89