11 Jun DESCRIBE HOW THE INFORMATION SECURITY GROUP SHOULD BE ORGANIZED.
Answer the following questions in 2-3 pages based on the case information provided below. Your answer must be 100% original. Please mention 2-3 references, cited in APA format.
Case Information:
Information security risk assessment is the process used to identify and understand risks to the confidentiality, integrity, and availability of information and information systems. In its simplest form, a risk assessment consists of the identification and valuation of assets and an analysis of those assets in relation to potential threats and vulnerabilities, resulting in a ranking of risks to mitigate. The resulting information should be used to develop strategies to mitigate those risks. Risk assessments for most industries focus only on the risk to the business entity. Financial institutions must also consider the risk to their customers’ information. For example, U.S. federal regulations require financial institutions to “protect against unauthorized access to or use of customer information that could result in substantial harm or inconvenience to any customer.”
ACME Financial Corporation is planning to roll out their new web and mobile online banking application. However, before deployment, the CEO has asked you (CISO) to assess risks and vulnerabilities, and provide strategies to protect customer data.
For this analysis, you will utilize the following formula:
Risk-Rating Factor = (Asset Impact x Likelihood) – Current Controls + Uncertainty
You may assume that ‘Likelihood’ is a numerical value within the scale (0.1 – 1.0) and ‘Asset Impact’ is a numerical value within the scale (1 – 100). ‘Current Controls’ is a numerical value based on the percentage of risk mitigation from control mechanisms. ‘Uncertainty’ is a numerical value based on the current knowledge of the vulnerability. You shall determine all values based on your knowledge, experience and/or references for each of the five assets and vulnerabilities. Be sure to explain how you derived all values.
Questions:
Describe how the information security group should be organized. Illustrate using a hierarchical organization tree. Also, list any policies that should be considered and by whom.
Identify and prioritize 5 assets by calculating risk determination based on vulnerability likelihood of occurrence, percentage of risk mitigated by controls, and uncertainty of knowledge. Complete Table 1 below with your data. Explain how you derived each data set.
Example: Asset 1 has an impact of 100 and has one vulnerability where the likelihood is 0.1 with a current control that addresses 50% of its risk and current knowledge (assumptions and data) is at 80% accuracy.
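The following Python sketch is an added example, not part of the original assignment: it applies the risk-rating formula to the example asset above and ranks it against other assets. It assumes that 'Current Controls' and 'Uncertainty' are taken as percentages of the (Asset Impact x Likelihood) product and that uncertainty is 100% minus the stated accuracy, which the case text does not spell out; the class and function names and the two extra assets are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class AssetRisk:
    name: str
    impact: float        # Asset Impact, scale 1-100
    likelihood: float    # Likelihood, scale 0.1-1.0
    control_pct: float   # percent of risk mitigated by current controls, 0-100
    accuracy_pct: float  # confidence in current knowledge, 0-100

    def __post_init__(self):
        # Reject values outside the scales given in the case information.
        if not 1 <= self.impact <= 100:
            raise ValueError(f"{self.name}: impact must be within 1-100")
        if not 0.1 <= self.likelihood <= 1.0:
            raise ValueError(f"{self.name}: likelihood must be within 0.1-1.0")
        for label, pct in (("control", self.control_pct),
                           ("accuracy", self.accuracy_pct)):
            if not 0 <= pct <= 100:
                raise ValueError(f"{self.name}: {label} percentage must be 0-100")

    @property
    def rating(self) -> float:
        # Assumption: both percentages apply to the impact x likelihood product.
        base = self.impact * self.likelihood
        uncertainty_pct = 100 - self.accuracy_pct
        mitigated = base * self.control_pct / 100
        unknown = base * uncertainty_pct / 100
        return round(base - mitigated + unknown, 2)


def rank(assets):
    """Return assets ordered from highest to lowest risk-rating factor."""
    return sorted(assets, key=lambda a: a.rating, reverse=True)


# "Asset 1" uses the values from the example above; the other two are constructed.
SAMPLE = [
    AssetRisk("Asset 1", impact=100, likelihood=0.1, control_pct=50, accuracy_pct=80),
    AssetRisk("Constructed asset B", impact=80, likelihood=0.5, control_pct=25, accuracy_pct=90),
    AssetRisk("Constructed asset C", impact=60, likelihood=0.5, control_pct=50, accuracy_pct=50),
]

if __name__ == "__main__":
    for position, asset in enumerate(rank(SAMPLE), start=1):
        print(f"{position}. {asset.name}: {asset.rating}")
```

Low confidence in the data raises the rating, so an asset with weak evidence can outrank one with a higher raw impact.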
