Risk Assessment

profilejimmylb1234
Case1.docx

Risk Assessment

Review these documents on systematic risk assessment frameworks, fundamentals, and processes for risk assessment. Matrixes are also suggested to guide detailed risk assessment of threats, their likelihood, and impacts, etc.

(2017) NIST Document: Security and privacy controls for information systems and organizations.  Draft NIST Special Publication  800-53 Revision 5, Chapter 3 (p. 15-80).

Allen, B. J. and Loyear, R. (2018). Enterprise security risk management: Concepts and applications. Rothstein Publishing. ISBN:9781944480448 Chapters 4 – Chapter 9.  Books 24/7 Version . Available in the Trident Online Library.

Case Assignment

After reviewing the above materials, write a 4- to 5-page paper titled:

"How to Systematically Conduct Risk Assessments of Information Systems Security Risks -- Fundamentals and Methods"

Assignment Expectations

Address the following issues in your paper:

· The importance of risk management for information systems security

· The principles and fundamentals of risk management of information system security

· The methods of risk assessments including processes, matrix, calculations, etc.

· The challenges and solutions to risk assessments that are particularly interesting to you

Background Readings:

Allen, B. J. and Loyear, R. (2018). Enterprise security risk management: Concepts and applications. Rothstein Publishing. ISBN: 9781944480448 Chapters 4 – Chapter 9. Books 24/7 Version. Available in the Trident Online Library.

Nieles, M., Dempsey, K., and Pillitteri, V. Y. (2018). An introduction to information security. National Institute of Standards and Technology.  NIST Special Publication 800-12  Revision Chpt 4 – 5, p. 20 -33

(2017) NIST Document: Security and privacy controls for information systems and organizations.  Draft NIST Special Publication  800-53 Revision 5, Chapter 3 (p. 15-80)

Schurr, M., Tuya, M. D., Noll, K. (2017). Risk-informed decision making in Information System Implementation Projects: Using Qualitative Assessment and Evaluation of Stakeholders' Perceptions of Risk. Proceedings of the 50th Hawaii International Conference on System Sciences.  6120-6219 . (Documents is in resources).

Optional Reading

Discussion of the actual causes of the Chernobyl nuclear reactor disaster: www.pbs.org/wgbh/pages/frontline/shows/reaction/readings/chernobyl.html

Cyberterrorism:  http://www.huffingtonpost.com/dorian-de-wind/cyberterrorism-a-grave_b_2867430.html

Cyberterrorism:  http://www.washingtonpost.com/blogs/post-partisan/wp/2013/03/29/is-the-u-s-prepared-for-cyberterrorism/