Site icon Tutor Bin

SNHU Cyber Security Risk Assessment Paper

SNHU Cyber Security Risk Assessment Paper

Description

Overview

Risk assessment plans hinge on the estimated importance attached to risks that have been identified. This importance is established in one of two ways: qualitatively or quantitatively.

For this activity, you will:

  1. Read the scenario.
  2. Utilize qualitative and quantitative risk assessment (RA) processes.
  3. Provide qualitative and quantitative estimates to inform management of the risks and costs associated with the project.

Prompt

Imagine that you work for a company as a network administrator. Your company has just won a large contract with the United States government and you have been given the responsibility to plan and implement the project. The project involves expanding an existing computer network. Your company has never worked with the U.S. government at this level. Therefore, this is your chance to prove yourself in the company.

In meetings, you have explained the architecture, new enterprise-level firewall, additional requirements for network monitoring, need for an additional system administrator, and risks of not complying with Federal Information Security Management Act (FISMA) regulations for securely working with the U.S. government.

The National Institute of Standards and Technology (NIST) outlines nine steps toward compliance with FISMA:

  1. Categorize the information to be protected.
  2. Select minimum baseline controls.
  3. Refine controls using a risk assessment procedure.
  4. Document the controls in the system security plan.
  5. Implement security controls in appropriate information systems.
  6. Assess the effectiveness of the security controls once they have been implemented.
  7. Determine agency-level risk to the mission or business case.
  8. Authorize the information system for processing.
  9. Monitor the security controls on a continuous basis.

It is expected that the implementation of the project will have a total cost of $3 million to bring it to full operation, including full compliance with the FISMA standards, in approximately six months. Your tasks in this project are to develop, test, and bring into production a network with these requirements in a short time frame.

This project, if executed properly, is likely to have an annual income of $30 million USD for your company. This income is a 20% premium to other sources of income, amounting to $90 million. Your company is expected this revenue in the current year, and it will greatly contribute to the company’s bottom line.

Based on the service level agreement with the U.S. government, service delivery requirements are expected to be on time and within the specified quality parameters of +/- 1% of the time with specified deliverables scheduled for every other Friday afternoon at the end of the day. For each month the project is late, a 5% reduction per month in the overall contract price will be imposed. If this reduction reaches 20%, the contract will be transferred to another company that was part of the original bidding process.

There is a lot at stake in this project. Therefore, it’s imperative that you execute an effective and accurate RA. These are your tasks:

  1. Estimate the qualitative and quantitative risks of bringing the project to completion:
    • On time
    • One month early
    • Two months late
  2. Estimate the qualitative risks of bringing the project to completion:
    • On time, but not with the required security
    • One month early with the required security requirements
    • Two months late, without the required security requirements
  3. Estimate the qualitative and quantitative risks of bringing the project to completion on time, with the required security requirements, within/on budget, but not meeting the required contractual commitment for service.

Guidelines for Submission

Produce a brief RA report of 2 pages, double spaced and submitted as either a Word document or PDF. You can use tables or other organizational features in Word to clearly communicate the recommendation and assessed risks.

Resources are not required, but any resources used must be appropriately cited using APA style. Your submission must completely address all of the tasks and requirements in the Prompt section.

Module Six Activity Rubric

Criteria Exemplary (100%) Proficient (85%) Needs Improvement (55%) Not Evident (0%) Value
Qualitative Estimation Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner Accurately estimates the qualitative risks of bringing the project to completion under each identified circumstance Shows progress toward proficiency, but with errors or omissions; areas for improvement may include identifying specific qualitative risks (e.g., assessing a risk as low, medium, or high) Does not attempt criterion 40
Quantitative Estimation Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner Accurately estimates the quantitative risks of bringing the project to completion under each identified circumstance Shows progress toward proficiency, but with errors or omissions; areas for improvement may include identifying specific quantitative risks (e.g., associate a specific financial amount to each identified risk) Does not attempt criterion 40
Articulation of Response Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner Clearly conveys meaning with correct grammar, sentence structure, and spelling, demonstrating an understanding of audience and purpose Shows progress toward proficiency, but with errors in grammar, sentence structure, and spelling, negatively impacting readability Submission has critical errors in grammar, sentence structure, and spelling, preventing understanding of ideas 10
Citations and Attributions Attributes sources where applicable using citation methods with very few minor errors Attributes sources where applicable, but with consistent minor errors Attributes sources where applicable, but with major errors Does not attribute sources where applicable 10
Total: 100%

Have a similar assignment? "Place an order for your assignment and have exceptional work written by our team of experts, guaranteeing you A results."

Exit mobile version