Please
read the following requirements and provide solutions for PART #1 (2 Pages) &
PART #2 (18 Pages with 7 citations in APA 7 format) not including index and
reference pages
MUST
READ REQUIREMENTS
The objective of this
assignment is to develop a Risk Assessment Report for an organization
including companies and government agencies.
You will conduct the
analysis using only public information from the internet, organizational and
news reports, journal articles, etc., and information based on judicious,
believable extrapolation of that information. Consider the organization’s
information assets (computing and networking infrastructure), vulnerabilities,
and legitimate threats that can exploit those vulnerabilities.
There is a wealth of
business-oriented and technical information that can be used to infer likely
vulnerabilities and assets for an organization. It is recommended that students
select their organizations based at least in part on ease of information
gathering, from a public record perspective.
PART #1 – Identify an Organization
Based on the above REQUIREMENTS select an
organization that has sufficient publicly available information to support reasonable risk analysis, particularly including threat and vulnerability
identification.
MUST HAVE
Create
an organization profile that includes:
·
Name and location
·
Management or basic organization structure
·
Industry and purpose (i.e., the nature of its business)
·
Financial information, standing in its industry, reputation
·
Relevant aspects of the company/organization’s computing and network
infrastructure.
2 Pages in APA 7 format
(not included index and reference page)
Note: Do
not try to access more information through social engineering or through
attempted cyber-attacks or intrusion attempts. This is a look at how
readily available information might be used from a risk management perspective.
PART #2: Risk Assessment Report
Conduct the analysis using the National
Institute of Standards and Technology (NIST)
https://csrc.nist.gov/publications/detail/sp/800-30/archive/2002-07-01
MUST HAVE
1. Focus
on identifying the list of threats and vulnerabilities faced by the identified
organization in Part#1.
2. Based
on the above threats and vulnerabilities, determine:
a) The likelihood
and severity of impact that would occur should each of the threats
materialize.
b) Provide
a list of risks ordered by their significance to the organization.
3. For the
risks you have identified, suggest ways that the subject organization might respond
to mitigate the risk.
18 Pages with 7 citations
in APA 7 format (not included index and reference page)
