Reference no: EM132869063
Gap Analysis Plan and Risk Assessment Methodology
Scenario
After the productive team meeting, Fullsoft's chief technology officer (CTO) wants further analysis performed and a high-level plan created to mitigate future risks, threats, and vulnerabilities. As part of this request, you and your team members will create a plan for performing a gap analysis, and then research and select an appropriate risk assessment methodology to be used for future reviews of the Fullsoft IT environment.An IT gap analysis may be a formal investigation or an informal survey of an organization's overall IT security. The first step of a gap analysis is to compose clear objectives and goals concerning an organization's IT security. For each objective or goal, the person performing the analysis must gather information about the environment, determine the present status, and identify what must be changed to achieve goals. The analysis most often reveals gaps in security between "where you are" and "where you want to be."Two popular risk assessment methodologies are NIST SP 800-30 revision 1, Guide for Conducting Risk Assessments, and Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE). Your focus will be on the OCTAVE Allegro version, which is a more concise version of OCTAVE.
When reviewing the methodologies, consider the following:
Question 1: Which features or factors of each methodology are most important and relevant to Fullsoft?
Question 2: Which methodology is easier to follow?
Question 3: Which methodology appears to require fewer resources, such as time and staff, but still provides for a thorough assessment?
|
What are some of the major privacy concerns in employing
: Search the Internet to find examples of how intelligent systems can facilitate activities such as empowerment, mass customization, and teamwork.
|
|
Contrast two worlds presented here
: Compare and contrast the two "worlds" presented here. Consider the houses, clothing, and behavior displayed in these two programs.
|
|
Calculate the total number of units of each model to produce
: The company has determined that a minimum of 2,500 units should be made of each model. Calculate the total number of units of each model to produce
|
|
Whistleblowing and sarbanes-oxley due
: Describe the key characteristics of a whistleblower, and briefly summarize one researched instance of whistleblowing in one publicly traded company
|
|
Which methodology appears to require fewer resources
: Which features or factors of each methodology are most important and relevant to Fullsoft? Which methodology is easier to follow?
|
|
What is the measurement of the coffee beans inventory
: On such date, the fair value less cost of disposal is P3,900,000 and the net realizable value is P 3,200,000. What is the measurement of coffee beans inventory
|
|
Sustainability of long-term organizational performance
: Explain why you chose these competitive strategies and estimate how they might affect sustainability of long-term organizational performance.
|
|
Compute the balance in the deferred income tax asset
: In 20X2, new taxable temporary differences occurred = 90,000. Compute the balance in the deferred income tax asset account on December 31, 20X1
|
|
Key components of supply chain management
: Determine the key components of supply chain management for the company you have selected.
|