Microsoft Word - CMP71001_Assignment_1_2019 S31-Final Unit code CMP71001 Assignment 1 Risk assessment. Due Date Learning Outcomes Graduate 7th Dec XXXXXXXXXX00pm (QLD Time) 1, 2 Attributes 3, 4 & 5...

1 answer below »
I have uploaded the assignment file and list of references file in the attachment. You have to follow the Harvard reference style. All the assignment details and marking rubric are mentioned in the file.


Microsoft Word - CMP71001_Assignment_1_2019 S31-Final Unit code CMP71001 Assignment 1 Risk assessment. Due Date Learning Outcomes Graduate 7th Dec 2019 11.00pm (QLD Time) 1, 2 Attributes 3, 4 & 5 Weight 20% of overall unit assessment Suggestion This assignment is developmental and cumulative. You are strongly advised to start doing this assignment from Week-4 in your study. Leaving your starting date to the week before the due date is a very poor strategy for success in the unit. Task Description You are a cybersecurity consultant working for one of the big-4 consulting firms. In your client portfolio you have the choice of working on a cybersecurity program for the following clients; an educational institute (such as a university), a small-to-medium sized business (SME), and a division of large business/government organisation. You are to choose one client. As part of your work for the client, you have chosen you are required to provide a client report that explains the importance of cybersecurity risk assessments. To successfully write this report, you must complete the following tasks: • Task 1: discuss why risk assessment is the most critical step in developing and managing cyber security in the organisation and identify any limitations of the current risk assessment methods. • Task 2: create five questions that will identify the most critical information assets of the organisation and justify how the five questions you have created achieve this. For example, you could assume that an organisation website is one of the most critical information assets of the organisation. Create a WFA template to rank the top five assets. • Task 3: identify the top five threats to the organisation information assets. Support your findings by referencing reputable sources of information. • Task 4: Discuss how the top five threats identified in Task 3 could/could not impact the asset. Rank the threats and define the risk values based on their likelihood of exposure and levels of impact (potential consequences) on the asset. Support your discussion by quoting reputable sources of information. You are free to make any assumption(s) you wish regarding the organisation structure, mission, vision, business profile, etc. which will need to be documented in the appropriate sections of your report. CMP71001 – Cybersecurity Assignment-1, S3 2019 Assessment Criteria Criteria Max Mark Task1 6 Concept of risk assessment in the context of cybersecurity 1.5 Identification of knowledge by performing risk assessment 1.5 Application of risk assessment results for risk management 1.5 Limitations of the current risk assessment approaches 1.5 Task 2 4 Questions design to identify the most critical information assets 2 WFA worksheet to rank the assets. 2 Task 3 4 Threats to the organisation information assets 4 Task 4 4 Risk analysis (Impact analysis and risk ranking) 4 Documentation 2 Professional presentation. 1 Referencing 1 Total 20 Format, Presentation and length There is no report template to be used in this assignment, so you can design your own template or refer to online resources. However, the report should be well presented in a standard report format. Due to the system setting constraint, the report 1 length was set with 1000 words in the unit UIG. You are advised that there is no formal word limit for the report. However, a good report is expected to be somewhere in the vicinity of 2,000 - 3,000 words from Introduction to Conclusion. Note that this is a very rough estimate and there will be no penalties imposed based on the number of words (no real ceiling if the content is precise and relevant!) 4 Assignment-1 marking rubric The following marking rubric will be used for the marking of your submission. It contains a detailed breakdown of the marking criteria for this assignment. Make sure you read CAREFULLY this to understand how your work would be graded against each of the defined criteria. Criteria Task 1 Level of Student Performance HD (85-100%) D (75-85%) C (65-75%) P (50-65%) F (0-49%) Risk assessment Concept Knowledge Identification  Correct and accurate definition of risk assessment;  A clear description that precisely shows the essence of the risk assessment process and its objectives. Clear and correct information that indicates at least 4/5 different points of usefulness in line with the objectives of risk assessments.  Correct and accurate definition of risk assessment;  A clear description that shows the essence of the risk assessment process and its objectives. Clear and correct information that indicates at least 3 different points of usefulness in line with the objectives of risk assessments.  Reasonably correct definition of risk assessment;  Adequate description that shows the most essence of the risk assessment process and its objectives Clear and correct information that indicates at least 2 different points of usefulness in line with the objectives of risk assessments  Reasonably correct definition of risk assessment;  A very brief description that shows some essence of the risk assessment process and its objectives. Adequate information that indicates at least 2 different points of usefulness in line with the objectives of risk assessments Little or no correct description that shows essence of the risk assessment process and its objectives Little or no relevant information in line with the objectives of risk assessments. Application of risk  Comprehensive and solid  Comprehensive arguments of  Comprehensive arguments  Adequate arguments of the use  Little or no valid assessment results arguments of the use of risk the use of risk assessment of the use of risk of risk assessment results in arguments of the use of assessment results in developing results in developing and assessment results in developing and managing risk assessment results in and managing cybersecurity; managing cybersecurity; developing and managing cybersecurity; developing and managing  Clearly explain how they can affect the business decision-  Clearly explain how they can affect the business decision- cybersecurity;  Briefly explain how they  Briefly explain how they can affect the business decision- cybersecurity. making process. making process can affect the business making process decision-making process limitations of the Critical analysis of the limitations Detail description but not Detail description of the Brief description of the Little or no description of the risk assessment inherited with both qualitative and critical analysis of the limitations inherited with limitations inherited with both limitations inherited with approach qualitative methods. limitations inherited with both either qualitative and qualitative and qualitative both qualitative and methods. qualitative methods. CMP71001 – Cybersecurity Assignment-1, S3 2019 4 qualitative and qualitative methods. qualitative methods but not both. Task 2 Questions to ask for the most critical information assets  Define and discuss five questions you would ask to identify most critical assets of the given organisation.  Clear justification why those assets are critical to the organisation.  Define and discuss at least four questions you would ask to identify most critical assets of the given organisation.  Clear justification why those assets are critical to the organisation.  Define and discuss at least three questions you would ask to identify most critical assets of the given organisation.  Reasonable justification why those assets are critical to the organisation.  Briefly define and discuss at least five questions you would ask to identify most critical assets of the given organisation.  No justification provided why those assets are critical to the organisation. Little to no response to this task. WFA worksheet  Clearly define at least 3 criteria that match with the given context.  Explain the importance of those criteria.  Define and justify their impact factor.  Clearly define at least 3 criteria that match with the given context.  Explain the importance of those criteria.  Define their impact factor.  Clearly define at least 3 criteria that match with the given context.  Explain the importance of those criteria.  Briefly define at least 2 criteria that match with the given context.  Briefly explain the importance of those criteria. Little to no discussion on WFA worksheet Task 3 Threats  Correctly identify at least five threats;  Discuss each threat sufficiently detailed with threat agent, method of delivery and working mechanism.  Justify why do you feel these are the critical threats to the organization.  Correctly identify at least five threats;  Discuss most of them sufficiently detailed with threat agent, method of delivery and working mechanism.  Briefly justify why do you feel these are the critical threats to the organization.  Correctly identify at least 4 threats;  Briefly discuss most of them with threat agent, method of delivery and working mechanism.  Briefly justify why do you feel these are the critical threats to the organization  Correctly identify at least 2 threats;  Briefly discuss them with threat agent, method of delivery and working mechanism.  Briefly Justify why do you feel these are the critical threats to the organization Little to no threats identification or discussion Task 4 Impact assessment and ranking  Comprehensive qualitative risk assessment presented to rank and prioritise risks for all items identified above.  Comprehensive qualitative risk assessment presented to rank and prioritise risks for most of the items identified above.  Qualitative risk assessment presented to rank and prioritise risks for most of the items identified above.  Brief risk assessment presented to rank and prioritise risks for most of the items identified above  Little or
Answered Same DayDec 02, 2021CMP71001Southern Cross University

Answer To: Microsoft Word - CMP71001_Assignment_1_2019 S31-Final Unit code CMP71001 Assignment 1 Risk...

Nextgen answered on Dec 05 2021
141 Votes
RISK ASSESSMENT
Table of Content
1. Introduction    4
2. Task-1    4
2.1 Risk assessment concept in the cyber security context    4
2.1.1 Risk assessment definition    4
2.1.2 Essence of the risk assessment process and the objectives    4
2.2 Knowledge identification    5
2.2.1 Five different points’ indications    5
2.3 Risk assessment result application    5
2.3.1 Develop the cyber security management    6
2.3.2 Impact of risk assessment result on the business decision-making process    6
2.4 Risk assessment approach limitations    6
2.4.1 Limitations of the qualitative risk assessment approach    6
2.4.2 Limitations of the quantitative risk asse
ssment approach    7
3. Task-2    7
3.1 Question identifications    7
3.1.1 Analysis of five questions for identifying the critical assets    7
3.1.2 The reason behind the identification of the critical assets    7
3.2 WFA worksheet for ranking the assets    7
3.2.1 Three matched criteria with the context    7
3.2.2 Importance of these criteria    8
3.2.3 Justifications of the impacting factors    8
4. Task-3    9
4.1 Threats to Information assets    9
4.1.1 Identify five threats    9
4.1.2 Significant discussions about these threats    9
4.1.3 Reasons behind treating these threats as critical    10
5. Task-4    10
5.1 Risk impact analysis    10
5.1.1 Risks ranking    10
5.1.2 Justifications of the risk mappings    11
6. Conclusion    11
7. Reference list    12
1. Introduction
Cyber-security protects the computer systems and networks from being disruption. Fleet Space Technologies connects the IoT across the world and uses a major fleet for low-cost satellites. As a cyber-security consultant, cyber security program is selected to develop the IoTs of Fleet Space Technologies. Fleet Space Technologies is the largest capital raising history to launch 10 nano-satellites for boosting the user infrastructure.
2. Task-1
2.1 Risk assessment concept in the cyber security context
Risk assessment is important to identify, estimate, resolve risks associated with the information of Things within Fleet Space Technologies, for preventing the systems from being damaged and misled. Risk scanning implements the risk consequences for initializing the associated risk factors with Fleet Space Technologies (Fleet.Space, 2019).
2.1.1 Risk assessment definition
Risk assessment identifies the different information assets that impact on the entire business entities of Fleet Space Technologies. Fleet Space Technologies depends on information systems and information technology for conducting business. Online computing is one of the classes in information systems, which can facilitate and manage applications that are transaction oriented and used for data entry as well as retrieval of transaction processing on database management system. It has been defined that online transaction system as the capturing of transaction as well as event information utilizing technology in order to process the information as per the business rules. On the other hand, globalization and internet has transformed aspects of life through providing several features and functionalities in new systems that includes online transaction systems. Risk assessment is considered as the fairly technological concept that is performed an assessment literally to estimate the encountered risks by Fleet Space Technologies. Risk assessment minutiae both the external and internal vulnerabilities and the likelihood of these vulnerable exploitations (Macher et al., 2016).
2.1.2 Essence of the risk assessment process and the objectives
Expert guidance leads to the risk assessment process in a successful track through proper planning and specialist knowledge inclination. Fleet Space Technologies continuously monitors the risk environments for detecting the business estimation changes and maintaining the complete overview of the risk assessment process. Risk assessment process mitigates the risks by establishing certain cyber security criteria. Continuous risk management produces valid consistent that retains the risk ranking and documentation (Macher et al., 2016). The lack of data integrity, data confidentiality and data availability associate the risks with the IoTs of Fleet Space Technologies. The objectives of risk assessment are to provide information and cyber security guidelines for Fleet Space Technologies and also demonstrate the compiled requirements.
2.2 Knowledge identification
Risk assessment provides a thorough knowledge of the intensity and dimensions of identified risks. The impact of the identified risks is focused on the objectives of the business of Fleet Space Technologies.
2.2.1 Five different points’ indications
The objectives of risk assessments highlight the business appraisals that wisely assist to develop the knowledge regarding risk assessment and its importance. There mentioned five different indication points that spotlight the risk assessment objectives.
· Hazard evaluation- Risk assessment provides the knowledge to minimize the impact of hazards that negatively affect the information systems of Fleet Space Technologies.
· Harmful consequences identification- Risk assessment identifies the harmful consequences associated with Fleet Space Technologies that provides a thorough knowledge about reviewing the risk assessment routine for identifying the culprits,
· Uncertainty identification- Future has no certainty and the profit margin of Fleet Space Technologies can be disrupted anytime due to the continuous involvements of risks. It provides the top management of Fleet Space Technologies to fight against the uncertainty by appropriately identifying the risks (Thuraisingham et al., 2016, July).
· Risk ranking- Risk assessment arranges the risk based on the highest occurrence likelihood that provides knowledge about the dimensions of the risks. Risk calculator calculates the risk intensity and the most relevant risk deduction approach.
· Risk mitigation- Risk mitigation lessens the risk by maintaining risk assessment strategy that prepares potential risk documentation for Fleet Space Technologies (Baikalov et al., 2016).
2.3 Risk assessment result application
Risk assessment result summarizes the risk assessment process and evaluates the associated risks. This result has effectiveness while applying it to develop cyber security systems. Fleet Space...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here