

TASK

Read the Regional Gardens case study document before attempting this assignment.

Tasks: You have been employed by Regional Gardens as their first ever Chief Information Officer (CIO). You have been tasked by the Board to conduct a review of the company’s risks.

1. As the first step, you are to provide a Risk Register for Regional Gardens. This risk register must contain, as a minimum:
   a. A description of each risk identified.
   b. A summary of the impact or consequence if the risk was to arise.
   c. The inherent risk assessment (this is the assessed, raw/untreated risk inherent in a process or activity without doing anything to reduce the likelihood or consequence).
   d. The key controls to mitigate the risk.
   e. The residual risk assessment (this is the assessed risk in a process or activity, in terms of likelihood and consequence, after controls are applied to mitigate the risk).
   f. Prioritisation of the risk using a standardised framework (such as the ANSI B11.0.TR3 Risk Assessment Matrix).

Your Risk Register should be in table format using the following column headings:
· Risk
· Impact
· Assessment
· Controls
· Residual Risk
· Priority

RATIONALE

This assessment task will assess the following learning outcome/s:
· be able to justify the goals and various key terms used in risk management and assess IT risk in business terms.
· be able to apply both quantitative and qualitative risk management approaches and to compare and contrast the advantages of each approach.
· be able to critically analyse the various approaches for mitigating security risk, including when to use insurance to transfer IT risk.
MARKING CRITERIA AND STANDARDS

Identified Risk (Value: 10)
· HD: Comprehensive identification of risks in all areas of case study
· DI: Very good identification of risks in all areas of case study
· CR: Good identification of risks in most areas of case study
· PS: Adequate identification of risks in many areas of case study
· FL: Incomplete or inadequate identification of risks in some areas of case study

Impact (Value: 20)
· HD: Comprehensive summary of risk impact for all identified risks
· DI: Very good summary of risk impact for all identified risks
· CR: Good summary of risk impact for most identified risks
· PS: Adequate summary of risk impact for many identified risks
· FL: Incomplete or inadequate summary of risk impact for identified risks

Assessment (Value: 20)
· HD: Comprehensive summary of inherent risk for all identified risks
· DI: Very good summary of inherent risk for all identified risks
· CR: Good summary of inherent risk for most identified risks
· PS: Adequate summary of inherent risk for many identified risks
· FL: Incomplete or inadequate summary of inherent risk for identified risks

Controls (Value: 20)
· HD: Comprehensive list of key controls to mitigate each identified risk
· DI: Thorough list of key controls to mitigate each identified risk
· CR: Good list of key controls to mitigate each identified risk
· PS: Adequate list of key controls to mitigate each identified risk
· FL: Incomplete or inadequate list of key controls to mitigate each identified risk

Residual Risk (Value: 20)
· HD: Comprehensive summary of residual risk for each identified risk
· DI: Very good summary of residual risk for each identified risk
· CR: Good summary of residual risk for most identified risks
· PS: Adequate summary of residual risk for many identified risks
· FL: Incomplete or inadequate summary of residual risk for identified risks

Priority (Value: 10)
· HD: Priority assigned to each identified risk using a standard framework
· DI: Priority assigned to approximately 80% of identified risk
· CR: Priority assigned to approximately 60% of identified risks
· PS: Priority assigned to approximately 40% of identified risks
· FL: Priority assigned to < 20% of identified risk

Referencing and presentation
· Up to 5 marks may be deducted for incorrect or incomplete referencing in numbered IEEE format.
· Up to 5 marks may be deducted for poor presentation, spelling and grammar.

PRESENTATION

When submitting your assignment be sure to meet the following presentation requirements:
· This assignment must be submitted in tabular format.
· Assignments are required to be submitted in a Word format (.doc, or .docx) only. Each assignment must be submitted as a single document.
· Assignments should be typed using a 12 point font, Times New Roman/Arial and 1.5 spacing.
· This assignment should be referenced using the numbered IEEE style format.
Answered Same Day | Jan 02, 2021 | ITC596 | Charles Sturt University


Neha answered on Jan 04 2021
128 Votes
Risk: Password Risk
· Description: Staff passwords are easy to guess.
· Impact: The passwords are so common and easy to guess that anyone can use the system.
· Assessment: The passwords are so common and easy to guess that anyone can use the system. Easy passwords allow intruders to easily gain access to the system and control the device [1]. It impacts the internal security of the system. Anyone can log in using someone else's account details.
· Controls: The employees should use strong passwords. The access should be blocked if the user enters a wrong password thrice. The business should use a strong internal system in order to protect the system. The password should have a few rules like using upper case, lower case, special characters and numbers.
· Residual Risk: After making all necessary decisions, the residual risk for the password can be when any user shares his password with someone. Passwords can be detected if someone sees them while the user is entering them in the system.
· Priority: High

Risk: Internet Risk
· Description: A risk which causes financial loss to the firm.
· Impact: The internet is used by everyone free of cost. The firm uses very few websites but employees can access any website, which increases the wastage of the internet.
· Assessment: After checking the history of the employees’ usage, it was found that they are accessing websites which are not related to the firm [2]. The staff are watching videos online, which consumes a large amount of the internet. They also use the internet on their mobile phones for the sake of doing the work via phone.
· Controls: The firm should block all the pages except for the websites related to the firm. Staff should not be able to use the Wi-Fi on their mobile phones. The internet itself blocks the other websites and mobile phones should not be allowed to be used inside the work area.
· Residual Risk: After managing all the controls, the risk can be of using a gateway which can unblock the pages.
· Priority: Medium

Risk: Data loss risk
· Description: As there is no backup in the firm, the data related to customers, staff or nursery can be lost.
· Impact: If the data gets lost from a firm, all its historical work is lost. They can't check what they have done and this will impact the future. The data loss can lead to failure of the organisation [3].
· Assessment: The staff members can access the websites using their mobile phones. The systems in the office are very old and all have old servers installed in them. There is no updated server. The systems have a very high chance of crashing.
· Controls: All the servers in the firm must be updated with the latest features. The systems should be brand new, as a five-year-old system will not be able to match the quality of new ones. A firm which completely relies on the systems can't have old systems and servers. The members should not be allowed to use the website on their mobile phones. A backup must be taken for the data. The maintained backup allows us to...