Use week 4 template attached. I attached week 1 assignment I did also.
Take on the role of Risk Management Analyst for the organization you chose in Week 1.
Using the Security Risk Mitigation Plan Template, create a 4- to 5.5-page Security Risk Mitigation Plan for the organization you chose.
Research and include the following:
- Security Risk Mitigation Plan:
- Select and document security policies and controls.
- Create password policies.
- Document administrator roles and responsibilities.
- Document user roles and responsibilities.
- Determine an authentication strategy.
- Determine an intrusion detection and monitoring strategy.
- Determine virus detection strategies and protection.
- Create auditing policies and procedures.
- Develop education plan for employees on security protocols and appropriate use.
- Provide risk response.
- Avoidance
- Transference
- Mitigation
- Acceptance
- Address change Management/Version Control.
- Outline acceptable use of organizational assets and data.
- Present employee policies (separation of duties/training).
- Explain incident response.
- Incident types/category definitions
- Roles and responsibilities
- Reporting requirements/escalation
- Cyber-incident response teams
- Discuss the incident response process.
- Preparation
- Identification
- Containment
- Eradication
- Recovery
- Lessons learned