Reference no: EM132385976
INF30020 Information Systems Risk & Security Assignment - Semester 2, 2019
Faculty of Business & Law - Swinburne University of Technology, Australia
The CoM Board has accepted your initial risk assessment report favourably. It was tabled to the leadership team, and after much deliberation a reasonable budget was approved to improve CoM's information management risk and security posture. You have secured the contract for the next stage of this work. Your team is to carry out work to:
1. Develop a risk mitigation plan for nine (9) prioritised risks for CoM.
2. Provide a risk treatment approach for the risks identified, including a suitable and clearly expressed approach to internal control.
3. Provide recommendations on how CoM's risk management practices can be improved and developed. including a suitable approach to governance for the management of risks,
4. Identify further opportunities of work in the risk management and information security management area, prioritising business continuity and disaster recovery associated with the 9 risks you have identified.
Your task is to produce a business report (2000 -2500 words max) addressing the above requirements.
Approach:
- Discuss the various team members assignment 1 work and come to a consensus of which 9 top risks you would like to use in your risk mitigation plan and find solutions for. These risks identified through the risk assessment may be placed in the appendix.
- Work with any one of the information security management frameworks discussed in classes.
- Use a standard based approach for risk mitigation, information security and business continuity.
- Build your report up in a methodical way to demonstrate your understanding of information risk and security management.
- Your report must articulate clearly which standards/guidelines it has followed and how they have been used.
The following should be included with your report (only 1 submission per team):
- A completed group assignment cover sheet (available from Canvas prior to submission),
- Relevant appendices for the report (should be used as you deem appropriate),
- A report reference list that applies the Harvard style guide (and in-text citation) is an expectation for this report,
- A record of tasks allocated to group members for the assignment and a brief record (minutes) of the meetings held by the group.