Managing Organizational Risk

profilemigzs

Managing Organizational Risk

No longer than a decade ago, IT security professionals had to work hard to persuade organizational leaders about the importance of developing effective risk management plans. Nowadays, due to the plethora of cautionary tales that organizations history provide, business leaders are informed on the need to manage risk and understand the crucial role of an organization’s IT infrastructure on its ability to perform business.
A computer incident response team (CIRT) plan can help prepare organizations for incidents that might occur.

Write an eight to ten (8-10) page paper in which you:

  1. Describe the objectives and main elements of a CIRT plan.
  2. Analyze the manner in which a CIRT plan fits into the overall risk management approach of an organization and how it supports other risk management plans.
  3. Provide at least two (2) examples of how CIRT plans define the who, what, when, where, and why of the response effort.
  4. Analyze the manner in which the development of a CIRT plan enables management to adopt a more proactive approach to risk management. Include recommendations for remaining proactive in the continual improvement and update of CIRT plans.
  5. Infer on the evolution of threats over the last decade that organizations must now consider.
  6. Predict the evolution of regulatory requirements mandating risk management processes and plans.
  7. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The specific course learning outcomes associated with this assignment are:

  • Create a Computer Incident Response Team (CIRT) plan for an organization in a given scenario.
  • Use technology and information resources to research issues in IT risk management.
  • Write clearly and concisely about topics related to IT risk management using proper writing mechanics and technical style conventions

 

Points: 150

Term Paper: Managing Organizational Risk

Criteria

Unacceptable

Below 70% F

Fair

70-79% C

Proficient

80-89% B

Exemplary

90-100% A

1. Describe the objectives and main elements of a CIRT plan.

Weight: 10%

Did not submit or incompletelydescribed the objectives and main elements of a CIRT plan.

Partially described the objectives and main elements of a CIRT plan.

Satisfactorily described the objectives and main elements of a CIRT plan.

Thoroughly described the objectives and main elements of a CIRT plan.

2. Analyze the manner in which a CIRT plan fits into the overall risk management approach of an organization and specify how it supports other risk management plans.

Weight: 15%

Did not submit or incompletelyanalyzed the manner in which a CIRT plan fits into the overall risk management approach of an organization and did not submit or incompletelyspecified how it supports other risk management plans.

Partially analyzed the manner in which a CIRT plan fits into the overall risk management approach of an organization and partially specified how it supports other risk management plans.

Satisfactorily analyzed the manner in which a CIRT plan fits into the overall risk management approach of an organization and satisfactorily specified how it supports other risk management plans.

Thoroughly analyzed the manner in which a CIRT plan fits into the overall risk management approach of an organization and thoroughly specified how it supports other risk management plans.

3. Provide at least two (2) examples which demonstrates how CIRT plans define the who, what, when, where, and why of the response effort.

Weight: 15%

Did not submit or incompletely provided at least two (2) examples which demonstrates how CIRT plans define the who, what, when, where, and why of the response effort.

Partially provided at least two (2) examples which demonstrates how CIRT plans define the who, what, when, where, and why of the response effort.

Satisfactorily provided at least two (2) examples which demonstrates how CIRT plans define the who, what, when, where, and why of the response effort.

Thoroughly provided at least two (2) examples which demonstrates how CIRT plans define the who, what, when, where, and why of the response effort.

4. Analyze the manner in which the development of a CIRT plan enables management to adopt a more proactive approach to risk management. Include recommendations for remaining proactive in the continual improvement and update of CIRT plans.

Weight: 15%

Did not submit or incompletelyanalyzed the manner in which the development of a CIRT plan enables management to adopt a more proactive approach to risk management. Did not submit or incompletelyincluded recommendations for remaining proactive in the continual improvement and update of CIRT plans.

Partially analyzed the manner in which the development of a CIRT plan enables management to adopt a more proactive approach to risk management. Partially included recommendations for remaining proactive in the continual improvement and update of CIRT plans.

Satisfactorily analyzed the manner in which the development of a CIRT plan enables management to adopt a more proactive approach to risk management. Satisfactorily included recommendations for remaining proactive in the continual improvement and update of CIRT plans.

Thoroughly analyzed the manner in which the development of a CIRT plan enables management to adopt a more proactive approach to risk management. Thoroughly included recommendations for remaining proactive in the continual improvement and update of CIRT plans.

5. Infer on the evolution of threats over the last decade that organizations must now consider.

Weight: 15%

Did not submit or incompletely inferred on the evolution of threats over the last decade that organizations must now consider.

Partially inferred on the evolution of threats over the last decade that organizations must now consider.

Satisfactorily inferred on the evolution of threats over the last decade that organizations must now consider.

Thoroughly inferred on the evolution of threats over the last decade that organizations must now consider.

6. Predict the evolution of regulatory requirements mandating risk management processes and plans.

Weight: 15%

Did not submit or incompletely predict the evolution of regulatory requirements mandating risk management processes and plans.

Partially predict the evolution of regulatory requirements mandating risk management processes and plans.

Satisfactorily predict the evolution of regulatory requirements mandating risk management processes and plans.

Thoroughly predict the evolution of regulatory requirements mandating risk management processes and plans.

7. 3 references 

Weight: 5%

No references provided.

Does not meet the required number of references; some or all references poor quality choices.

Meets number of required references; all references high quality choices.

Exceeds number of required references; all references high quality choices.

8. Clarity, writing mechanics, and formatting requirements

Weight: 10%

More than 6 errors present

5-6 errors present

3-4 errors present

0-2 errors present

    • 7 years ago
    • 25
    Answer(2)

    Purchase the answer to view it

    blurred-text
    NOT RATED
    • attachment
      term_paper_managing_organizational_risk.docx

    Purchase the answer to view it

    blurred-text
    NOT RATED
    • attachment
      computer_incident_response_team_cirt_plan_.doc