Reference no: EM132594873
Assignment: Take on the role of Risk Management Analyst for the organization you chose in Week 1.
Using the Security Risk Mitigation Plan Template, create a 4- to 5.5-page Security Risk Mitigation Plan for the organization you chose.
Research and include the following:
• Security Risk Mitigation Plan:
• Select and document security policies and controls.
• Create password policies.
• Document administrator roles and responsibilities.
• Document user roles and responsibilities.
• Determine an authentication strategy.
• Determine an intrusion detection and monitoring strategy.
• Determine virus detection strategies and protection.
• Create auditing policies and procedures.
• Develop education plan for employees on security protocols and appropriate use.
• Provide risk response.
• Avoidance
• Transference
• Mitigation
• Acceptance
• Address change Management/Version Control.
• Outline acceptable use of organizational assets and data.
• Present employee policies (separation of duties/training).
• Explain incident response.
• Incident types/category definitions
• Roles and responsibilities
• Reporting requirements/escalation
• Cyber-incident response teams
• Discuss the incident response process.
• Preparation
• Identification
• Containment
• Eradication
• Recovery
• Lessons learned