CompetencyIn this project, you will demonstrate your mastery of the following competencies:
Analyze the design of a risk mitigation plan for its inclusion of best practices in the field
Identify legal and ethical considerations in risk analysis and mitigation within an information technology environment
ScenarioYou are a risk management consultant and have been contacted by the chief information officer (CIO) of Workers Werks Credit Union (WWCU), a mid-size but growing credit union, to conduct an evaluation of its current IT cybersecurity risk management plan. Data privacy is a big concern in the banking sectors, and the CIO is concerned that WWCU’s current plan is outdated and has significant weaknesses.
In your conversation with the CIO, you gather the following information about the situation:
Current plan: The credit union adopted the current cybersecurity risk plan three years ago, but the CIO is concerned about possible gaps in the plan and would like to update it.
Workforce: The credit union has experienced significant revenue growth, and the number of employees with access to its IT infrastructure has grown exponentially in the last five years.WWCU now has nearly 1,000 users with different levels of access to its central database.
Strategy: The credit union is looking to expand into new markets in the coming year and will need to make significant changes to its IT infrastructure.
Compliance: The CIO is concerned not only about legal compliance but also ethical issues related to the protection of personally identifiable information (PII) of its customers. The company has set these priorities related to legal and ethical compliance:Address the current legal environment (domestic and international)
Anticipate emerging issues
Meet industry ethical standards (e.g., SANS IT code of ethics)
Match best practices for risk planning within the industry
DirectionsRisk Analysis ReportThe CIO is asking you to prepare a 3–4 page report that evaluates the company’s current IT Security Risk Management Plan, linked in the Supporting Materials section.
The report should contain the following:
Scope: Evaluate the scope and comprehensiveness of the current plan.How does the plan describe its objectives?
How does the plan balance risk and cost?
In what ways does the plan cover the business objectives end to end?
How does the plan address all stakeholders who could be impacted by a cybersecurity attack?
Risk: Determine how the current plan identifies risks.How does the plan identify the risks, vulnerabilities, and threats that could impact mission-critical business functions and processes?
How does the plan identify industry-related risks (internal and external)?
Impact: Analyze how the identified risks might impact the organization’s assets.How does the plan identify key assets and activities that need to be protected?
How does the plan estimate the financial impact of losses?
How does the plan address business continuity and asset replacement?
Mitigation: Evaluate the current plan’s mitigation recommendations.How effectively does the plan translate the risk assessment into a risk mitigation plan?
How does the plan prioritize risk elements?
Legal Compliance: Assess how the plan addresses legal considerations.
Non-Compliance: Determine how the plan anticipates the implications of non-compliance.
Ethical Considerations: Assess how the plan aligns with current ethical codes within the cybersecurity field.
What to SubmitTo complete this project, you must submit the following:
Risk Analysis Report (3–4 pages)Your report should be 3–4 pages, double spaced, and submitted on a file that your instructor can easily access (.PDF, .doc).
Supporting MaterialsThe following resource(s) may help support your work on the project:
WORKERS WERKS CREDIT UNION (WWCU) IT Security Risk Management PlanDescription: This document contains the security risk management plan for software and hardware implementations throughout WWCU. It covers the management of all security-related risks during the implementation life cycle. This is the document you will use to create your analysis report.
Project One RubricCriteriaExemplary (100%)Proficient (85%)Needs Improvement (55%)Not Evident (0%)ValueScopeExceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative mannerEvaluates the comprehensiveness of the planShows progress toward proficiency, but with errors or omissions; areas for improvement may include an evaluation of the stakeholders’ impact analysis and a balance of risk and costDoes not attempt criterion10RiskExceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative mannerDetermines how the current plan identifies risks that will impact mission-critical business functionsShows progress toward proficiency, but with errors or omissions; areas for improvement may include an appraisal of the current risks and how they will impact mission-critical business functionsDoes not attempt criterion15ImpactExceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative mannerAnalyzes how the identified risks might impact the organization’s assetsShows progress toward proficiency, but with errors or omissions; areas for improvement may include an evaluation of how the identified risks might impact the organization’s assetsDoes not attempt criterion20MitigationExceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative mannerEvaluates how effectively the plan translates the risk assessment into a risk mitigation planShows progress toward proficiency, but with errors or omissions; areas for improvement may include an evaluation of how the plan translates the risk assessment into a risk mitigation planDoes not attempt criterion20Legal ComplianceExceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative mannerAssesses how the plan addresses the relevant regulations related to legal complianceShows progress toward proficiency, but with errors or omissions; areas for improvement may include an assessment of how the plan addresses the relevant regulations related to legal complianceDoes not attempt criterion10Non-ComplianceExceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative mannerDetermines how the plan anticipates the implications of non-complianceShows progress toward proficiency, but with errors or omissions; areas for improvement may include a determination of how the plan anticipates the implications of non-complianceDoes not attempt criterion5Ethical ConsiderationsExceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative mannerAssesses how the plan aligns with current ethical codes within the cybersecurity fieldShows progress toward proficiency, but with errors or omissions; areas for improvement may include an assessment of how the plan aligns with current ethical codes within the cybersecurity fieldDoes not attempt criterion10Articulation of ResponseExceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative mannerClearly conveys meaning with correct grammar, sentence structure, and spelling, demonstrating an understanding of audience and purposeShows progress toward proficiency, but with errors in grammar, sentence structure, and spelling, negatively impacting readabilitySubmission has critical errors in grammar, sentence structure, and spelling, preventing understanding of ideas5Citations and AttributionsUses citations for ideas requiring attribution, with few or no minor errorsUses citations for ideas requiring attribution, with consistent minor errorsUses citations for ideas requiring attribution, with major errorsDoes not use citations for ideas requiring attribution5Total:100%
Why Choose Us
Top quality papers
We always make sure that writers follow all your instructions precisely. You can choose your academic level: high school, college/university or professional, and we will assign a writer who has a respective degree.
Professional academic writers
We have hired a team of professional writers experienced in academic and business writing. Most of them are native speakers and PhD holders able to take care of any assignment you need help with.
Free revisions
If you feel that we missed something, send the order for a free revision. You will have 10 days to send the order for revision after you receive the final paper. You can either do it on your own after signing in to your personal account or by contacting our support.
On-time delivery
All papers are always delivered on time. In case we need more time to master your paper, we may contact you regarding the deadline extension. In case you cannot provide us with more time, a 100% refund is guaranteed.
Original & confidential
We use several checkers to make sure that all papers you receive are plagiarism-free. Our editors carefully go through all in-text citations. We also promise full confidentiality in all our services.
24/7 Customer Support
Our support agents are available 24 hours a day 7 days a week and committed to providing you with the best customer experience. Get in touch whenever you need any assistance.
Try it now!
How it works?
Follow these simple steps to get your paper done
Place your order
Fill in the order form and provide all details of your assignment.
Proceed with the payment
Choose the payment system that suits you most.
Receive the final file
Once your paper is ready, we will email it to you.
Our Services
No need to work on your paper at night. Sleep tight, we will cover your back. We offer all kinds of writing services.
Essays
You are welcome to choose your academic level and the type of your paper. Our academic experts will gladly help you with essays, case studies, research papers and other assignments.
Admissions
Admission help & business writing
You can be positive that we will be here 24/7 to help you get accepted to the Master’s program at the TOP-universities or help you get a well-paid position.
Reviews
Editing your paper
Our academic writers and editors will help you submit a well-structured and organized paper just on time. We will ensure that your final paper is of the highest quality and absolutely free of mistakes.
Reviews
Revising your paper
Our academic writers and editors will help you with unlimited number of revisions in case you need any customization of your academic papers