Cyber Risk Plan

profilehelpmeplease1

 

  1. Create a risk register (suggested length of 3–5 pages) that identifies eight risks currently facing the company.
    1. Explain how one of the identified risks stems from an aspect of the company’s global marketplace activities (e.g., manufacturing uncertainties, problems with suppliers, political instability, currency fluctuations).
    2. Describe the source(s) of each risk.
      1. Explain how each risk stems from the described source(s) (suggested length of 1–2 sentences for each source).
    3. Identify the risk level for each risk (i.e., high, medium, or low).
      1. Justify each identified risk level in terms of the following:
        • •  severity of the impact
        • •  likelihood of occurrence
        • •  controllability

  2. Discuss an appropriate risk response for each risk from part A (suggested length of 1 paragraph per risk) to reduce the possible damage to the company.

  3. Create a business contingency plan (BCP) (suggested length of 6–10 pages), such as that included in a policy manual, that the company would follow if faced with a major business disruption by doing the following:
    1. Discuss what strategic pre-incident changes the company could follow to ensure the well-being of the company.
    2. Discuss the ethical use and protection of sensitive data by doing the following:
      1. Discuss what constitutes sensitive data.
      2. Explain how data will be physically protected during normal business operations.
      3. Explain how data will by physically protected in the event of a disruption.
      4. Explain how the company will ensure data is used ethically.
    3. Discuss the ethical use and protection of customer records by doing the following:
      1. Discuss what constitutes customer records for your chosen company.
      2. Discuss the systems or security measures that would be put in place to protect customer records during normal business operations.
      3. Discuss the systems or security measures that would be put in place to protect customer records in the event of a disruption.
      4. Explain how the company will ensure customer records are used ethically.
    4. Discuss the communication plan to be used during and following a disruption.
      1. Identify the stakeholders who would need to be contacted in the event of a disruption.
        1. Describe the specific actions that will need to take place to communicate with each stakeholder.
    5. Discuss how normal operations will be restored after a disruption has occurred (post-incident).

  4. Create an implementation plan (suggested length of 1–2 pages) for the BCP from part C by doing the following:
    1. Discuss how the BCP will be implemented into the company.
    2. Discuss how the BCP will be communicated to the organization.
    3. Discuss how the BCP will be monitored or tested before the incident to ensure the plan would be effective in the event of a disruption.
    4. Discuss how the BCP will be adjusted over time.
      1. Discuss how changes to the plan will be communicated to the company.

  5. If you use sources, include all in-text citations and references in APA format.

Please follow the Rubric


  • 5 years ago
  • 70
Answer(2)

Purchase the answer to view it

blurred-text
NOT RATED

Purchase the answer to view it

blurred-text
NOT RATED
  • attachment
    RiskmanagementMeshInc..doc