IT 549 Risk Assessment

IT 549 Milestone Three Guidelines and Rubric In order to effectively respond to applicable threats, information technology administrators must be able to accurately evaluate the threat environment. The ability to engage in this evaluation originates from the performance of a risk assessment. Performing a risk assessment can take on many forms. One recent method of engaging in risk assessment has come in the form of utilizing firewalls and firewall audit tools. Through these mea sures, IT administrators can map the network and critically analyze where any potential vulnerabilities may lie. The outcomes of these measures results in increased awareness of the most likely types of threats that may materialize, and enables administrators to configure the network in order to mitigate and address these weaknesses and vulnerabilities. Prompt: In Module F ive, you will submit the risk assessment portion of the information assurance plan. You will provide the organization with an assessment of the threat environment and the risks within, as well as methods designed to mitigate these risks. Based on your analysis and evaluation, what are the best approaches for implementing information assurance principles? Where do you see the most important areas for improvement to current protocols and policies? Specifically, the following critical elements must be addressed:

III. Risk Assessment

a) Analyze the environment in which the organization operates, including the current protocols and policies in place relat ed to information assurance.

b) Evaluate the threat environment of the organization. c) Based on your analysis and evaluation, what are the best approaches for implementing information assurance principles? Where do you see the

most important areas for improvement to current protocols and policies? d) Assess the threats to and vulnerabilities of the organization by creating a risk matrix to outline the threats and vulnerabilities found and

determine possible methods to mitigate the identified dangers.

Rubric Guidelines for Submission: Your paper must be submitted as a three- to four-page Microsoft Word document with double spacing, 12-point Times New Roman font, one-inch margins, and at least three sources cited in APA format.

Critical Elements Proficient (100%) Needs Improvement (75%) Not Evident (0%) Value

Analysis of Environment

Anal yzes the envi ronment i n whi ch the organi zati on operates ,

i ncl udi ng the current protocol s and pol i ci es i n pl ace rel ated to i nformati on as s urance

Anal yzes the envi ronment i n whi ch the organi zati on operates

but does not i ncl ude the current protocol s and pol i cies i n pl ace rel ated to i nformati on as surance

Does not anal yze the envi ronment i n whi ch the

organi zati on operates

20

Threat Environment Eval uates the threat envi ronment

of the organi zati on

Eval uates the threat envi ronment

of the organi zati on but mi s s es cruci al threats or vul nerabi liti es , or the eval uati on i s i naccurate

Does not eval uate the threat

envi ronment of the organi zati on

20

Best Approaches Di s cus s es bes t approaches for i mpl ementi ng i nformati on

as s urance pri nciples , i ncluding areas of i mprovement to current protocol s and pol i cies

Di s cus s es bes t approaches for i mpl ementi ng i nformati on

as s urance pri nciples , but does not ful l y devel op i deas rel ated to areas of i mprovement to current protocol s and pol i cies

Does not di s cus s bes t approaches for i mpl ementi ng i nformati on

as s urance pri nciples

20

Risk Matrix Creates a ri s k matri x to

comprehens i vel y and accuratel y as s es s the threats to and vul nerabi l ities of the organi zati on, i ncluding pos s ible

methods to mi ti gate the i denti fi ed dangers

Creates a ri s k matri x to as s es s the

threats to and vul nerabi l iti es of the organi zati on but does not i ncl ude pos s i ble methods to mi ti gate the i denti fi ed dangers ,

or as s es sment i s i ncompl ete or i naccurate

Does not create a ri s k matri x to

as s es s the threats to and vul nerabi l ities of the organi zation

20

Articulation of Response

Submi s s i on has no major errors rel ated to ci tati ons , grammar, s pel l i ng, s yntax, or organi zati on

Submi s s i on has major errors rel ated to ci tati ons , grammar, s pel l i ng, s yntax, or organi zati on

that negati vel y i mpact readabi l ity and arti cul ation of mai n i deas

Submi s s i on has criti cal errors rel ated to ci tati ons , grammar, s pel l i ng, s yntax, or organi zati on

that prevent unders tandi ng of i deas

20

Earned Total 100%