CLICK HERE TO DOWNLOAD THIS ANSWER INSTANTLY $18 Only
IT 438 IT Risk Management
Security Risk Assessment
You will be completing a security risk assessment for a small organization. For the security risk assessment, you will be using the Octave-Allegro methodology. This methodology is explained in Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process.
This report also provides guidance on how to conduct a security risk assessment with OctaveAllegro and contains The worksheets That you Will be Required to complete and turn in. This report also provides sample threat scenario questionnaires that you will
Need to tailor to the organization you choose, complete, and then turn in.
All deliverables should be in APA format.
In addition to reading these reports, be sure to review the rubrics for each assignment.
Deliverables
- Select Organization
o 5 points
o Select a small business or a small organizational unit within a larger business
o The organization must have an information asset on a computer
o Receive permission from the manager of the organization
o The organization should not have created or updated a risk assessment or BCP in the last
12 months.
o You may not use an organization where you are employed if your primary duty is risk
assessment or business continuity.
o You should turn in:
Name of the organization
Name of the manager
The information asset(s) you plan to assess
IT 438 IT Risk Management
Security Risk Assessment
- Octave-Allegro Worksheets and Octave-Allegro Threat Scenario Questionnaires
o 25 points
o Following the steps outlined in the Octave Allegro Guidebook, you should:
Complete each of the 10 worksheets
Complete the threat scenario questionnaires
o You should tailor the worksheets and questionnaires as necessary for the organization
you chose.
o All information must be typed on these worksheets and questionnaires. This means that
you may need to transcribe the information from any handwritten notes that you may
have taken.
o You should turn in:
All Octave Allegro worksheets.
You should be filling out at least one but no more than two Worksheet 8s
For each Worksheet 8, you will need a complete set of Worksheets 9a-c
You will need at least five Worksheet 10s
All Octave Allegro threat scenario questionnaires
- Security Risk Assessment
o 75 points
o The report should:
IT 438 IT Risk Management
Security Risk Assessment
Be targeted to the manager of the organization, NOT the professor of this class
Be based on the information you gathered using the Octave-Allegro methodology.
Provide the details of your assessment, including your findings and recommended
mitigation efforts.
All security controls must cite the appropriate source(s), regardless of whether the
organization has implemented the controls or not.
Any recommended mitigation efforts must cite the appropriate source(s).
Throughout the report, you should demonstrate understanding of the material covered
throughout the quarter.
o Report format
If your organization has a risk assessment report template, you should use that.
All fonts, spacing, etc. should follow the template
You will need to add an APA-formatted reference list to the report for any
citations you make
If your organization does not have a template, use the provided one.
All narrative text should be 12-point Times New Roman font
One inch margins
All citations and references should be in APA format
o You should turn in:
A completed report
All Octave Allegro worksheets with updates as needed
If you do not update the worksheets based on the feedback I provide from
Deliverable 2, you will receive a zero for this deliverable.
All Octave Allegro threat scenario questionnaires with updates as needed