Executive summary on risk mitigation & discussion

Given the information presented in Unit 1 and the materials from “Assignment: Executive Summary on Risk Analysis,” your task for this assignment is to:

• Identify at least five risks to the IT resources.
• Write an executive summary report that describes:
  • The importance of a security policy
  • Methodology to implement the policies to mitigate the identified risks

Required Resources

Materials from Assignment: Executive Summary on Risk Analysis

Submission Requirements

• Format: Microsoft Word
• Font: Arial 12-point size, Double-space
• Citation Style: Follow your school’s preferred style guide
• Length: No more than 500 words

Discussion:

Using the materials you created from Assignment: Executive Summary on Risk Analysis in Lesson 1, examine how the development and implementation of an information security policy together with its accompanying standards, guidelines, and procedures can reduce risk in the organization. You will also discuss the need to maintain the timeliness of the security policy, and to periodically review and update it.

Assignment 1 on Risk Analysis For reference:

Assignment 01 – Executive Summary on Risk Analysis

Attached Files:

Refer to the “Case Scenario: Premiere Collegiate School” handout. Based on your discussion of this scenario in class, create an asset list in order of importance of each asset and then write an executive summary report:

1. Identify all IT assets and enter a description of each into an asset identification and classification table, similar to the following.

IT Asset Description

IT Infrastructure Domain

Privacy Data Impact

Assessment
[Critical-Major-Minor]

Quantitative Value ($)

1. Indicate in which of the seven domains of a typical IT infrastructure the asset resides.
2. Indicate if the asset accesses customer privacy data or contains customer privacy data.
3. Classify the IT asset as Critical, Major, or Minor.

• Critical: Generates revenues or represents intellectual property asset of organization
• Major: Contains customer privacy data.
• Minor: Required for normal business functions and operations.

1. Assign a quantitative value ($) to each asset. Consider the measurable characteristics of each asset, such as the original cost and cost of replacement.
2. Prioritize the order of the assets in the table based on their importance to the school. When prioritizing assets, consider why one asset should be protected more than another.
3. Use the information in the table to create an executive summary that explains your list. This executive summary will be presented to the school’s board of directors.

Required Resources

Text Sheet: Case Scenario: Premiere Collegiate School (ts_premiercollegiateschool)