Kibata

Sign In

Our Services

Get 15% Discount on your First Order

Order Now
[rank_math_breadcrumb]

Assign 2 of CG

Follow the attach information to complete this work. Make sure it aligns with the Rubric.

Unit 2 Assignment Directions:

Risk-Assessment Strategy

Purpose

In this assignment, you will detail the risk-assessment plan and strategy for your organization that you described in your discussion post. You have demonstrated that you understand their core business functions and mission. Your risk assessment should be tailored to that understanding. If you implement the risk-management controls recommended by NIST, another standards body, or a trade association for your industry, you will be demonstrating compliance with government requirements. This means that if there is a breach, your legal office can provide a written justification that maps your compliance to your direct business services. This will also support any insurance claims and help to maintain your business reputation.

Directions

Write a detailed overview and analysis of the fundamentals of risk management in cybersecurity for your organization that you described in your discussion post. You may choose one of the following two options for formatting your response (see details below):

· Option A: A 4- to 6-page paper 
OR

· Option B: A matrix (sample provided below) and a 2- to 3-page narrative

Regardless of which format you choose, be sure to address all the following elements:

1.
Write a substantive executive summary that includes the following:

a. A brief statement on the purpose and scope of the RA

b. Your focus on the current organizational assessment

c. Your risk-mitigation and management strategy

d. Cited references to authorities that show the organization’s compliance with government requirements, industry best practices (NIST), or other standards

2.
Assess the cybersecurity posture of your chosen organization. Be sure to include the following:

a. Describe your organization’s business goals, mission, objectives, and how the requirements would support them.

b. Use the implementation tiers in NIST to assess your organization’s current situation.

c. List vulnerabilities, countermeasures, and recommendations for improvement.

3.
Apply the NIST RMF framework:

a. Explain in more detail how to use NIST 800-53 (rev.5), NIST 800-30, and the new NIST 2.0 to create a comprehensive strategy.

b. Explain what actions you would take to align your business strategy with the recommended NIST best practices.

c. Clearly map the business objectives and goals to a cybersecurity plan. Include all the following key measures:

i. Prepare the organization.

ii. Categorize system and information.

iii. Select a range of 4–6 NIST SP 800-53 controls.

iv. Implement the controls and document how controls were deployed.

v. Assess whether the controls are in place, operating as intended, and producing the desired outcomes.

vi. Authorize risk-based decision-making.

vii. Continuously monitor implementation and risks to the system.

4.
Evidence of skills: Demonstrate your knowledge of risk-assessment protocols as well as legal and regulatory compliance.

5.
Write the paper with an organized, logical flow of information. Cite authoritative sources sufficiently to show that your analysis is based on the resources provided or other documents you find through your research. Please use a consistent citation style.

Executive Summary Features

Here are some ideas for what to include in your executive summary. A CEO should be able to use your summary for decision-making purposes. An executive summary includes a brief statement of the issue, which helps the executive understand the topic (risk mitigation and management).

As stated in the directions, cite the authorities you are using to show compliance with government requirements, industry best practices (e.g., NIST), or other standards. To analyze the importance of these requirements and best practices, one approach would be to follow the suggestions below.

Explain briefly how the templates and their rationale provide assurances to the CEO that these requirements reduce the organization’s cybersecurity risk. One way to do this is to cite a specific requirement as an example and explain how it is applied. Then you may also want to talk briefly about a technological solution you are using to assist you in this effort. You can then list some of the vulnerabilities your organization has in the system and explain how you will address them, Finally, you could discuss how you will make sure that you are ensuring compliance (e.g., continuous monitoring, establishing a training program that requires quarterly testing, or some other methods that demonstrate active participation).

To remind yourself how to cite references, visit the Library’s 
APA Document Formatting (7th Edition) and 
APA 7th Edition Citation Examples.

Format

Click the “+” to expand each section below.

Suggested Outline for Option A: Paper

Suggested Outline for Option B: Narrative and Matrix

Submission

· Review the Unit 2 Risk-Assessment Strategy Rubric to understand how you will be assessed on this assignment.

image4.png

image5.png

image6.png

image7.png

image8.png

image1.png

image2.png

image3.png

Share This Post

Email
WhatsApp
Facebook
Twitter
LinkedIn
Pinterest
Reddit

Order a Similar Paper and get 15% Discount on your First Order

Order Now

Related Questions

PhD thesis

I need a comprehensive PhD thesis developed on the topic of “Emotion-Aware Artificial Intelligence and Sustainable Consumer Behavior: A Neuro-AI Marketing Framework for Continuous Green Consumption.”

Co project

· Comprehensive Literature Review: Require a more comprehensive survey of existing approaches. · Comparative Study: Expect more detailed benchmarking of at least 8 to 10 machine learning models. · Additional Experiments: · Conduct feature selection or dimensionality reduction as an extra step. · Explore ensemble methods or advanced techniques beyond

AI

Did AI take place the Software Engineers, HR consultants and Data Entry Jobs?

Data visualization 4 part 2

Follow the attached instructions to complete this work. Unit 4 Assignment Directions: Time Series In this assignment, you will perform a time series analysis in Tableau. · Choose a dataset to analyze based on the requirements provided.   · Once you’ve selected your time series, build a forecast to predict future

Computer Science CG Assignment 8 presentation

Follow the attach instruction to complete this work. Note: Make sure it aligns with Rubric Unit 8 Assignment 2 Directions: Final Presentation Purpose With this presentation, you will gain valuable experience demonstrating your expertise in cybersecurity governance by presenting as a CISO to a hypothetical professional audience.  Directions Begin by incorporating

Computer Science CG assignment 8

Follow the attached assignment to complete the work. Note: Follow Rubric Unit 8 Assignment 1 Directions: Presentation Rehearsal Purpose The rehearsal is your first run-through of your talk. Use the opportunity to de-bug any technical issues with lighting, positioning, and recording. You will not be graded on technical or artistic

Computer Science CG assignment 7 Outline

 Follow the attached document to complete this work Unit 7 Assignment 1 Directions: Professional Presentation Outline Purpose This assignment allows you time to review your research from previous units and organize your thoughts in an outline format. Plan on changing your paper and presentation based on feedback on this outline.  Directions

Computer Science CG assignment 6 ,

Follow the attached direction to complete this work. Note: Make sure it Aligns with Rubric Unit 6 Assignment 2 Directions: Timothy Brown vs. the SEC Purpose The Securities and Exchanges Commission (SEC) is a key US federal agency that regulates financial reporting. In this paper, you will explore how the

Microsoft 365Tenant to Tenant Migration Solution

A smooth tenant-to-tenant migration requires more than just moving mailboxes—it demands precision, security, and planning. With the MailsDaddy Cross-Tenant Migration Service, IT teams can execute a flawless cross-tenant mailbox migration that covers emails, attachments, calendars, contacts, and OneDrive data. It’s built for businesses of every size, ensuring the entire Office

CO Data 3

DECISION TREES for Risk Assessment One of the great advantages of decision trees is their  interpretability. The rules learnt for classification are easy for a person to follow, unlike the opaque “black box” of many other methods, such as neural networks. We demonstrate the utility of this using a  German

Computer Science Homework 1

MMIS 671 Homework 1. Constrained Optimization Problems A company produces 3 types of cables: A, B, and C. In-house production costs per foot of cables A, B, and C are $6, $8, and $10, respectively. The production process requires 5 resources: Drawing, Annealing, Stranding, Extrusion, and Assembly. For each resource,

MIMT

  Task 2.4 — Executing the Payload After decrypting and executing the transferred file, it generates a unique hash tied to your GTID. What’s the hash?

data Discussion 3

Follow the attached instructions to complete this. use the   CRM Sale Dashboard. Unit 3 Discussion: Deconstruction of an Advanced Dashboard: Trends and Improvements   Discussion Prompts · Does the dashboard designer use any of the trends that are described in Milligan’s Chapter 9? · If they did use those

Assign 4 of CG

Follow the attach instructions to complete this work. Make sure it alligns with rubric. Guidance to follow I encourage you to build your project format following the requirements established in each project’s final step. I am going to give you the key to success. I am a fan of headings/subheadings