GRC 6
Type: Individual Project
Unit: Choosing a Risk Framework to Manage Risk
Due Date: Wed, 9/4/19
Grading Type: Numeric
Points Possible: 100
Deliverable Length: 2-3 pages
Assignment Details
Assignment Description
In a paper of 2–3 pages, reflect back on this week's Discussion Board assignment, and choose an appropriate risk management framework for your organization. Explain why you have chosen the framework and how a controls digest like NIST SP 800-53 or ISO 27002 would help identify controls to reduce risks of threats and vulnerabilities. Explain the relationship between controls and their impact rating as well.
In the second part of the assignment, you will explain how to conduct a risk assessment for your organization using the NIST SP 800-30, Risk Management Guide for Information Technology Systems.
Title your paper: Risk Management Frameworks.
Name the document "CYBR613_First and Last Name_IP3.doc."
Please submit your assignment.
For assistance with your assignment, please use your text, Web resources, and all course materials.
Reading Assignment
Unit 3: CYBR613 CTU Library Guide
Managing Risk in Information Systems:
· Chapter 3, pgs. 69–81
Assignment Objectives
· Conduct an organizational risk assessment analysis