Assignment:
Description
In a paper of 2 to 3 pages, reflect back on Discussion Board assignment, and choose an appropriate risk management framework for your organization. Explain why you have chosen the framework and how a controls digest like NIST SP 800-53 or ISO 27002 would help identify controls to reduce risks of threats and vulnerabilities. Explain the relationship between controls and their impact rating as well.
In the second part of the assignment, you will explain how to conduct a risk assessment for your organization using the NIST SP 800-30, Risk
Management Guide for Information Technology Systems.
Title your paper: Risk Management Frameworks.
Please submit your assignment.
For assistance with your assignment, please use your text, Web resources, and all course materials.
Reading Assignment
Managing Risk in Information Systems:
Assignment Objectives
• Conduct an organizational risk assessment analysis