Preparing for the Final Draft

profileSSSSSSSS19
ACCT855-ResearchWorkship-Unit4-preparingoutline.pptx

Research Workshop Unit 4 – Preparing the outline

ACCT 855

Seminar in Cybersecurity Audit and Disclosure

Dr. Tien Lee, Ph.D., PMP, CISA, CISSP [email protected] | (415)644-TIEN San Francisco State University Lam Family College of Business

Preparing for the Final Draft.

Today:

workshop on preparing outline

Individual Workshop Consultation is available.

Research Note #4 (due on the first presentation date) should include:

Cover page of your report

Outlines of your final report (main heading, sub headings)

Clean up and organize your research notes #1, #2, and #3 into the outlines.

Final Report is DUE on 12/12!

Preparing the Outline

Get started!

Preparing an outline is a crucial step in organizing your thoughts and structuring a long article.

Research and Gather Information:

Use what you have learned in class and from each research notes.

Work on the structure

Use a framework

Decide on the main sections.

Organize your thoughts into sub sections.

Common Structure

Cover page

Table of Content

if you use outline properly, such as H1, H2, H3… modern word processors can generate the table of content automatically.

Executive Summary

a ONE page summary of ALL parts.

Main Body

Sections and sub sections

Intro – analysis – benchmark – lesson learned – conclude.

Reference and bibliography

The Main Body

Introduction

contains the background information.

DO NOT spend too much time introducing the company. Focus on the breach event.

“Set the stage” and prepare to introduce “the play”

“What happened?” --- You can start with headline-grabbing items from the breach to entice readers’ interest.

Once stage is set, and the basic information is known, you can move on to the analysis.

The Main Body - Introduction

Introduction

contains the background information.

DO NOT spend too much time introducing the company. Focus on the breach event.

“Set the stage” and prepare to introduce “the play”

“What happened?” --- You can start with headline-grabbing items from the breach to entice readers’ interest.

Once stage is set, and the basic information is known, you can move on to the analysis.

The Main Body - Analysis

Analysis

Analysis of the facts: the anatomy of the breach.

Can be difficult if the subject matter is unfamiliar to the reader.

Adopt a framework of analysis

You may use the framework introduced in this course to provide the outline for the analysis of facts.

Threat

Threat agent

Vulnerability

The breach

Discovery

Investigation

Impact

Remediation

The Main Body - Benchmark

Benchmark – Evaluation of firm’s disclosure.

The “benchmarking” section usually follows the facts. In this section, the writer will grade, compare, or evaluate the facts.

Example:

Base on the facts analyzed and gathered structurally, how does it compare to _____?

Structures can be useful (see lecture unit 9)

Pros & Cons; good and bad?

Area that’s missing?

Evaluation (1-10? Yes or no?)

justification of the evaluation.

The Main Body - Lesson Learned

Lesson Learned

Based on the facts analyzed, and benchmarks that have performed, what have we learned?

Example:

For the firm: “What we need to do to make a better cybersecurity disclosure?”

The internal reporting mechanism

Board Responsibility (what should the board do?)

Risk Management (What is at risk? What are the potential impacts of future incidents?

Management Involvement

Reporting Structure

Cybersecurity Awareness

Incident Response Preparation

The Main Body - Conclusion

Conclude your article.

This is the part you can voice your opinion.

address your audience and consider the tone based on who the audiences are.

Highlight the “big-ticket” items

Address organizational learning

Forward looking statements

Follow-up activities

Executive Summary

Summarize your sections into 1 paragraph each. So that the busy executives do not read the whole thing.

Individual Consultation

image1.jpeg

image2.png

image3.png