Discuss the sources and potential impacts

Reference no: EM131650688

Assignment: Corporate Profile Part 2: Cybersecurity Risk Profile

For this paper, you will construct a cybersecurity risk profile for the company that you wrote about in Part 1 of the Corporate Profile project. Your risk profile, which includes an Executive Summary, Risk Register, and Risk Mitigation Recommendations (Approach & Security Controls by family), will be developed from information provided by the company in its Form 10-K filing (Annual Report to Investors) retrieved from the U.S. Securities and Exchange Commission (SEC) EDGAR database. You will also need to do additional research to identify security controls, products, and services which could be included in the company's risk response (actions it will take to manage cybersecurity related risk).

Research

1. Review the Risk section of the company's SEC Form 10-K. Develop a list of 5 or more specific cyberspace or cybersecurity related risks which the company included in its report to investors. Your list should include the source(s) of the risks and the potential impacts as identified by the company.

2. For each risk, identify the risk management or mitigation strategies which the company has implemented or plans to implement.

3. Next, use the control families listed in the NIST Special Publication 800-53 to identify general categories of controls which could be used or added to the company's risk management strategy for each risk in your list.

Text Book: Security and Privacy Controls for Federal Information Systems and Organizations.

4. For each control family, develop a description of how the company should implement these controls ("implementation approach") as part of its risk management strategy.

Write

1. Develop a 2 to 3 page Executive Summary from your Corporate Profile Part 1 (reuse and/or improve upon the business profile). Your Executive Summary should:

a. Provide an overview of the company and summarize its business operations.

b. Discuss the sources, potential impacts, and mitigation approach/strategy for cybersecurity related risks identified in the company's annual report.

c. End with a separate summation paragraph that provides a summary of your research and findings about the company and its cybersecurity risks.

2. Copy the Risk Register & Security Control Recommendations table (see template at the end of this assignment) to the end of the file that contains your Executive Summary.

3. Using the information you collected during your research, complete the table. Make sure that you include a name and description for each risk. For the security controls, make sure that you include the family name and a description of how each recommended control should be implemented (implementation approach). Include the control family only. Do not include individual security controls from NIST SP 800-53.

Additional Information

1. The Executive Summary should appear at the beginning of your submission file.

2. The Risk Register table should appear AFTER the Executive Summary and be placed in the SAME file.

3. The Risk Identifiers in the Risk Table are numbers that uniquely identify each risk and can be used for cross-referencing into other documents. Examples of acceptable identifiers are: 001, 002, 003 ...

Your Risk Profile is to be prepared using basic APA formatting (including title page and reference list) and submitted as an MS Word attachment to the Corporate Profile Part 2 entry in your assignments folder. See the sample paper and paper template provided in Course Resources > APA Resources for formatting examples. Consult the grading rubric for specific content and formatting requirements for this assignment.

Note: for this assignment you will be preparing a very high level risk register. Preparing a fully developed risk register and risk profile is beyond the scope of this course.

--- Copy from the next line to the end of this file and paste into your deliverable --

Table 1. Risk Register & Risk Mitigation Approach with Recommended Security Controls.

| Risk Identifier | Description of the Risk & Current Risk Management Strategy | Risk Mitigation Approach with Recommended Security Controls (by NIST SP 800-53 family) |
| --- | --- | --- |
| Sequence # | Must be from Form 10-K. Split complex risk statements into multiple individual risk statements. | Must explicitly include NIST Control Family (two character ID) as part of recommended mitigation. |
|  |  |  |
|  |  |  |
|  |  |  |
|  |  |  |
|  |  |  |
|  |  |  |
|  |  |  |
|  |  |  |
|  |  |  |

Attachment:- Corporate-Profile-Part-1-Buyer-Profile.rar


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd