Week 5

 

The CIO of your organization has asked you to create a 4- to 6-page risk management and mitigation plan for security vulnerabilities.

Select five vulnerabilities and align associated risks to a risk management framework, such as NIST SP 800-37. Include the following:

  • Consider the potential vulnerabilities or threats facing the organization. 
  • Describe of the risk each vulnerability or threat would have on the organization in terms of its people, network, data, or reputation. 
  • Explain each risk’s impact on the organization. 
  • Provide a defined mitigation for each vulnerability, such as an incident response plan, disaster recovery plan, or business continuity plan. Give a defined reason why a vulnerability or threat would not be mitigated, such as the use of a different risk control strategy, if appropriate.
Tags: No tags