After reviewing your report, the CIO requests that you develop a
follow-up plan detailing a strategy for addressing all risks (i.e., risk
mitigation, risk assignment, risk acceptance, or risk avoidance) identified in
Assignment 1. Further, your plan should identify controls (i.e.,
administrative, preventative, detective, and corrective) that the company will
use to mitigate each risk previously identified.
Write a four to five (4-5) page paper in which you:
1. For each of the 3 malicious attacks and/or threats that you identified in
Assignment 1, choose a strategy for addressing the associated risk (i.e., risk
mitigation, risk assignment, risk acceptance, or risk avoidance). Explain your
rationale. (The three attacks mentioned in Assignment 1 are: virus, Trojan horse,
and logic bombs.)
2. For each of the three (3) or more malicious attacks and/or threats identified
in Assignment 1, develop potential controls (i.e., administrative, preventative,
detective, and corrective) that the company could use to mitigate each
associated risk.
3. Explain in detail why you believe the risk management, control
identification, and selection processes are so important, specifically in this
organization.
4. Draft a one (1) page Executive Summary that details your strategies and
recommendations to the CIO (Note: The Executive Summary is included in the
assignment’s length requirements).
***Use at least three (3) quality resources in this assignment (no more than
2-3 years old) from material
outside the textbook. Note: Wikipedia and similar Websites do not qualify as