Security risk mitigation plan | CMGT400 Intro To Information Assurance & Security | University of Phoenix

Need your ASSIGNMENT done? Use our paper writing service to score better and meet your deadline.


Order a Similar Paper HERE Order a Different Paper HERE

 

A Risk Management Analyst identifies and analyzes potential issues that could negatively impact a business in order to help the business avoid or mitigate those risks.

Take on the role of Risk Management Analyst for the organization you chose in Week 1.

Using the Security Risk Mitigation Plan Template, create a 4- to 5.5-page Security Risk Mitigation Plan for the organization you chose. The 4-5.5 page assignment length requirement applies to the content of the assignment. Start the assignment with an APA formatted title page and add a reference section with at least two professional references. Use the references in the text of the assignment. 

Research and include the following: 

  • Security Risk Mitigation Plan:
    • Select and document security policies and controls.
    • Create password policies.
    • Document administrator roles and responsibilities.
    • Document user roles and responsibilities.
    • Determine authentication strategy.
    • Determine intrusion detection and monitoring strategy.
    • Determine virus detection strategies and protection.
    • Create auditing policies and procedures.
    • Develop education plan for employees on security protocols and appropriate use.
    • Provide risk response.
      • Avoidance
      • Transference
      • Mitigation
      • Acceptance
    • Address change Management/Version Control.
    • Outline acceptable use of organizational assets and data.
    • Present employee policies (separation of duties/training).
    • Explain incident response.
      • Incident types/category definitions
      • Roles and responsibilities
      • Reporting requirements/escalation
      • Cyber-incident response teams
    • Discuss the incident response process.
      • Preparation
      • Identification
      • Containment
      • Eradication
      • Recovery
      • Lessons learned