Security Risk Mitigation Plan

Assignment Content

1. A Risk Management Analyst identifies and analyzes potential issues that could negatively impact a business in order to help the business avoid or mitigate those risks.
   
   
   Take on the role of Risk Management Analyst for the organization you chose in Week 1.
   
   
   Using the Security Risk Mitigation Plan Template, create a 4- to 5.5-page Security Risk Mitigation Plan for the organization you chose.
   
   
   Research and include the following: 
   
   • Security Risk Mitigation Plan:
   • Select and document security policies and controls.
   • Create password policies.
   • Document administrator roles and responsibilities.
   • Document user roles and responsibilities.
   • Determine an authentication strategy.
   • Determine an intrusion detection and monitoring strategy.
   • Determine virus detection strategies and protection.
   • Create auditing policies and procedures.
   • Develop education plan for employees on security protocols and appropriate use.
   • Provide risk response.
   • Avoidance
   • Transference
   • Mitigation
   • Acceptance
   • Address change Management/Version Control.
   • Outline acceptable use of organizational assets and data.
   • Present employee policies (separation of duties/training).
   • Explain incident response.
   • Incident types/category definitions
   • Roles and responsibilities
   • Reporting requirements/escalation
   • Cyber-incident response teams
   • Discuss the incident response process.
   • Preparation
   • Identification
   • Containment
   • Eradication
   • Recovery
   • Lessons learned