Question Details

(solution) please submit the essay with no error and grammar issues. Thanks


please submit the essay with no error and grammar issues. Thanks


Risk Assessment Report Instructions

 

INFA 610

 

Background

 

This is an individual research project. The objective of the research project is to develop an

 

Information Asset Risk Assessment Report for an organization of your choosing, and worth 25%

 

of your total course grade. The report will be due by the end of the 11th week. The analysis

 

should be conducted using only publicly available information (that is, information obtainable on

 

the Internet, company reports, news reports, journal articles, etc.). The risk analysis should

 

consider legitimate, known threats that pertain to the subject organization. Based on the

 

information gathered, presumed vulnerabilities of the company or organization?s computing and

 

networking infrastructure will be identified. Then, based on the identified threats and

 

vulnerabilities, you will describe the risk profile for the subject organization and suggest

 

recommendations to mitigate the risks.

 

Your report should be 12 pages, double-spaced, exclusive of cover, title page, table of contents,

 

endnotes and bibliography. Your paper must use APA formatting with the exception that tables

 

and figures can be inserted at the appropriate location rather than added at the end. Submit the

 

report in your Assignment Folder prior to the submission deadline.

 

Project Proposal

 

Prior to writing your report, you must submit a short (a page and half) Project Proposal,

 

indicating the name and relevant aspect(s) of the organization you intend to use as a subject for

 

your report. The proposal must be accompanied by an annotated bibliography submitted via the

 

assignment folder. Your instructor will provide feedback as to the suitability of your subject and

 

bibliography. Additional details are provided below.

 

You will submit a project proposal of your Risk Assessment Report by the end of Session 4.

 

The project proposal will account for 10% of your research paper grade (2.5% of your total

 

course grade).

 

The project proposal should be a page and half (double spaced) description of the organization

 

that you propose to analyze, with a summary of the scope (e.g., entire organization, key

 

business area, major system, etc.) for the risk assessment you are expected to conduct. The

 

proposal should identify the subject organization with a brief explanation of why you chose the

 

subject for this assignment. The proposal should also describe the research methods to be used

 

and anticipated sources of research information sources. Your instructor will use the proposal to

 

provide feedback on the suitability of the proposed subject organization and the scope you

 

propose, as well as the suitability of the proposed research methods and information sources. If

 

you do not provide a proposal, you will be preparing their Risk Assessment Reports "at risk;"

 

i.e., they will run the risk of delivering a report that is not suitable for this course.

 

1 An important step in developing your Risk Assessment Report will be the construction of an

 

Annotated Bibliography. Having developed and described a subject organization and scope of

 

analysis in the proposal, the next step is to identify and assess the value of potential research

 

material. You should identify five (5) to six (6) significant articles relevant to your subject

 

organization and to identifying and assessing risks in a context similar to the scope of your

 

report. For a report of this nature you may expect to find useful sources in both businessfocused (e.g., Business Source Premier, Business and Company Resource Center, ABI/Inform)

 

and technically-focused databases (e.g., ACM Digital Library, IEEE, Gartner.com). The

 

annotated bibliography will consist of 100-250 words per article, that describe the main ideas of

 

the article, a discussion of the usefulness of such an article in understanding various aspects of

 

you report, and other comments you might have after reading the article. For each article, there

 

should be a complete reference in APA format. Your Annotated Bibliography will then form the

 

basis of the sources for your report. (You may also supplement the references used in your

 

report with additional reference material.)

 

Some excellent guidance on how to prepare an annotated bibliography can be found at

 

http://www.library.cornell.edu/okuref/research/skill28.htm.

 

Risk Assessment Report Proposal and Annotated Bibliography should be submitted by the end

 

of Session 4.

 

The grading criteria for the proposal are as follows:

 

1. Organization Selected & Justification (Right Scope and Relevance): 60%

 

2. Research methods proposed (Bibliography): 40%

 

Risk Assessment Report

 

The Risk Assessment Report should be a polished, graduate-level paper. Be sure to carefully

 

cite (using correct APA-Style in-line citations) all sources of information in the report. UMUC

 

policies regarding plagiarism will apply to the Risk Assessment Report as well as all

 

other deliverables in this course. You must submit the report to Turnitn.com to improve the

 

originality score before submitting the report in the Assignment Folder. The lower the originality

 

score the better it is. You should aim for an originality score of 10%..

 

Please submit questions regarding the research paper to the INFA610 ?Q&A? Conference.

 

The Risk Assessment Report should be submitted by the end of Session 11

 

Risk Assessment Report Overview

 

The objective of this assignment is to develop a Risk Assessment Report for a company,

 

government agency, or other organization (the "subject organization"). The analysis will be

 

conducted using only publicly available information (e.g., information obtainable on the Internet,

 

company reports, news reports, journal articles, etc.) and based on judicious, believable

 

extrapolation of that information. Your risk analysis should consider subject organization

 

2 information assets (computing and networking infrastructure), their vulnerabilities and legitimate,

 

known threats that can exploit those vulnerabilities. Your assignment is then to derive the risk

 

profile for the subject organization. Your report should also contain recommendations to mitigate

 

the risks.

 

There is a wealth of business-oriented and technical information that can be used to infer likely

 

vulnerabilities and assets for an organization. It is recommended that students select their

 

organizations based at least in part on ease of information gathering, from a public record

 

perspective.

 

Steps to be followed:

 

1. Pick a Subject Organization: Follow these guidelines:

 

a. No insider or proprietary information. All the information you collect must be readily

 

available for anyone to access. You will describe in your proposal how you intend to

 

collect your information.

 

b. You should pick a company or organization that has sufficient publicly available

 

information to support a reasonable risk analysis, particularly including threat and

 

vulnerability identification.

 

2. Develop Subject Organization Information: Examples of relevant information includes:

 

a.

 

b.

 

c.

 

d.

 

e. Company/Organization name and location

 

Company/Organization management or basic organization structure

 

Company/Organization industry and purpose (i.e., the nature of its business)

 

Company/Organization profile (financial information, standing in its industry, reputation)

 

Identification of relevant aspects of the company/organization?s computing and network

 

infrastructure, Note: Do not try to access more information through Social Engineering, or

 

through attempted cyber attacks or intrusion attempts. 3. Analyze Risks

 

a. For the purposes of this assignment, you will follow the standard risk assessment

 

methodology used within the U.S. federal government, as described in NIST Special

 

Publication 800-30 (United States. National Institute of Standards and Technology

 

(2002). Risk Management Guide for Information Technology Systems (Special

 

Publication 800-30). Retrieved from: http://csrc.nist.gov/publications/nistpubs/80030/sp800-30.pdf)

 

b. In conducting your analysis, focus on identifying threats and vulnerabilities faced by your

 

subject organization.

 

c. Based on the threats and vulnerabilities you identify, next determine both the relative

 

likelihood and severity of impact that would occur should each of the threats materialize.

 

This should produce a listing of risks, at least roughly ordered by their significance to the

 

organization. 3 d. For the risks you have identified, suggest ways that the subject organization might

 

respond to mitigate the risk.

 

4. Prepare Risk Assessment Report

 

a. Reports should be 12 pages (exclusive of cover, title page, table of contents, endnotes

 

and bibliography), double-spaced, and should follow a structure generally corresponding

 

to the risk assessment process described in NIST Special Publication 800-30.

 

b. The report should be prepared using the APA Style. All sources of information should be

 

indicated via in-line citations and a list of references.

 

c. Reports should be submitted via the Assignment Folder.

 

Grading Criteria

 

As previously stated, the Proposal and Annotated Bibliography will constitute 10% of your Risk

 

Assessment Report grade (2.5% of your final grade). You will demonstrate in the final report

 

your risk assessment subject matter competency and communication and knowledge

 

competencies. The Risk Assessment Report, accounting for 22.5% of the final grade, will be

 

assessed as follows: Clear statement of scope to be analyzed and appropriate coverage of that scope: 10%

 

Technical Content (depth and accuracy of information and analysis): 30%

 

Recommendations for risk mitigation or other conclusions supported by research and

 

analysis: 10%

 

Communications competency: 25% (assessed using a graduate school wide rubric)

 

Knowledge competency: 25% (assessed using a graduate school wide rubric) 4

 


Solution details:

Pay using PayPal (No PayPal account Required) or your credit card . All your purchases are securely protected by .
SiteLock

About this Question

STATUS

Answered

QUALITY

Approved

DATE ANSWERED

Sep 13, 2020

EXPERT

Tutor

ANSWER RATING

GET INSTANT HELP/h4>

We have top-notch tutors who can do your essay/homework for you at a reasonable cost and then you can simply use that essay as a template to build your own arguments.

You can also use these solutions:

  • As a reference for in-depth understanding of the subject.
  • As a source of ideas / reasoning for your own research (if properly referenced)
  • For editing and paraphrasing (check your institution's definition of plagiarism and recommended paraphrase).
This we believe is a better way of understanding a problem and makes use of the efficiency of time of the student.

NEW ASSIGNMENT HELP?

Order New Solution. Quick Turnaround

Click on the button below in order to Order for a New, Original and High-Quality Essay Solutions. New orders are original solutions and precise to your writing instruction requirements. Place a New Order using the button below.

WE GUARANTEE, THAT YOUR PAPER WILL BE WRITTEN FROM SCRATCH AND WITHIN A DEADLINE.

Order Now