Assignment Help - homework help

Complete the policy in alignment with one organizations of


Information Security Policy Template

Complete the policy in alignment with one organizations of your choice. Ensure you design the policy in accordance with the risk tolerance of the organization. The following should be included in your design.

1. Identify 20 potential risks, defining both threat (condition) and impact (consequence). Review Chapter 1 in Information Security Risk Assessment Toolkit: Practical Assessments Through Data Collection and Data Analysis when completing this portion of the assignment.

2. Define a policy to monitor (risk-seeking), control (risk-neutral), or remove (risk-averse) the risk.

Risk Assessment Table

Number

Risk Name

Threat (Condition)

Impact (Consequence)

Example

No Anti-Virus Updates

Malicious virus, worms, Trojans, hackers gaining unauthorized access

Exploiting and extracting sensitive data from end-user systems

1


2


3


4


5


6


7


8


9


10


11


12


13


14


15


16


17


18


19


20


Information Security Policy

Number

Risk Name

Policy

Monitor/Control/Remove

Example:

No Anti-Virus Updates

All systems will receive daily anti-virus updates via enterprise-wide application.

Control: Security analyst will monitor (report) on update status for all systems and remediate any systems missing updates.

1


2


3


4


5


6


7


8


9


10


11


12


13


14


15


16


17


18


19


20



Risk Name

Threat (Condition)

Impact (Consequence)

Example

No Anti-Virus Updates

Malicious virus, worms, Trojans, hackers gaining unauthorized access

Exploiting and extracting sensitive data from end-user systems

1


2


3


4


5


6


7


8


9


10


11


12


13


14


15


16


17


18


19


20


Request for Solution File

Ask an Expert for Answer!!
Business Management: Complete the policy in alignment with one organizations of
Reference No:- TGS02887998

Expected delivery within 24 Hours