GRC6.docx

Type: Individual Project

Unit: Choosing a Risk Framework to Manage Risk

Due Date: Wed, 9/4/19

Grading Type: Numeric

Points Possible: 100

Deliverable Length: 2–3 pages

Assignment Details

Assignment Description

In a paper of 2–3 pages, reflect back on this week's Discussion Board assignment, and choose an appropriate risk management framework for your organization. Explain why you have chosen the framework and how a controls digest like NIST SP 800-53 or ISO 27002 would help identify controls to reduce risks of threats and vulnerabilities. Explain the relationship between controls and their impact rating as well.

In the second part of the assignment, you will explain how to conduct a risk assessment for your organization using the NIST SP 800-30, Risk Management Guide for Information Technology Systems.

Title your paper: Risk Management Frameworks.

Name the document "CYBR613_First and Last Name_IP3.doc."

Please submit your assignment.

For assistance with your assignment, please use your text, Web resources, and all course materials.

Reading Assignment

Unit 3: CYBR613 CTU Library Guide

Managing Risk in Information Systems:

· Chapter 3, pgs. 69–81

Assignment Objectives

· Conduct an organizational risk assessment analysis