Reference no: EM132495675
ITC596 IT Risk Management - Charles Sturt University
TASK
Read the Challenger Constructions case study document (attached) before attempting this assignment.
You have been employed by Challenger Constructions as their first ever Chief Information Security Officer (CISO). You have been tasked by the Board to conduct a review of the company's risks.
1. As the first step, you are to provide a Risk Register for Challenger Constructions. This risk register must contain, as a minimum:
a. A description of each risk identified for each IT asset, data set or process.
b. A summary of the impact or consequence to each IT asset, data set or process, if the identified risk was to arise.
c. The likelihood of this risk occurring.
d. The inherent risk assessment (this is the assessed, raw/untreated risk inherent in a process or activity without doing anything to reduce the likelihood or consequence).
e. The key controls to mitigate the risk (NOTE: it is possible that there may be more than one (1) control needed. Each control should be listed on a separate line).
f. The residual risk assessment (this is the assessed risk in a process or activity, in terms of likelihood and consequence, after controls are applied to mitigate the risk).
g. Prioritisation of the risk (what is the priority order for the risks to be addressed).
Your Risk Register should be in table format using the following column headings:
• Risk
• Impact
• Likelihood
• Assessment
• Controls
• Residual Risk
• Priority
You should provide references in IEEE format, particularly for controls to be employed.
Attachment:- Case Study.rar
Attachment:- marking.rar