You can download the sample Management essay on Global Strategy Management with the following question for free at the end of this page. For further assistance in Management Assignment help, please check our offerings in Management assignment solutions. Our subject-matter experts provide online assignment help to Management students from across the world and deliver plagiarism free solution with free Turnitin report with every solution.
(AssignmentEssayHelp does not recommend anyone to use this sample as their own work.)
Question
Write a Threat and Risk Assessment Report that assesses the findings of a gap analysis and articulates the most prominent risks and threats to the subject organisation – XYZ Company
Solution
1. Executive Summary
The XYZ Company plans to assess the risks of its information security system. The assessment is performed by the organisation’s information security manager. He evaluates all possible threats, vulnerabilities and assets of the company. With the help of this analysis, he will be able to take appropriate security measures to protect the system.
The assessment focuses on the assets of XYZ Company and the risks associated with them. It focuses on policies and various information security measures of XYZ. Assets include customer records, databases, network devices, policies and the physical environment. It checks on the availability, integrity and compliance of these assets.
The assessment would identify all areas that are compromised by current business operations. Preventive measures can be carried out to resolve these issues and ensure a more robust and secure environment.
2. Introduction
2.1 Purpose
The sole purpose of this risk assessment is to identify and educate the organisation about the threats and vulnerabilities in its information security system. The assessment will help in accepting risks, transferring risks and mitigating risks at an earlier point in time. Risks can be classified into four different categories: Severe, High, Moderate and Low. Risks under the “Severe” category should be resolved at the earliest.
Risk assessment is done at an earlier stage to make sure XYZ organisation doesn’t suffer any information security problems.
2.2 Scope of this Risk Assessment
This risk assessment program revolves around the Information Security System of XYZ Company. It focuses on critical assets like network devices, customer records, databases, software programs and the environment.
The assessment evaluates the security policies of the organisation. It identifies if the policies are defined to suit business objectives. Obsolete policies are redefined to meet current organisation requirements and standards. The assessment ensures if the roles and responsibilities of employees in the organisation are organised. The employees should be aware of their role in information security. The assessment focuses on how policies are drafted for each employee role. Likewise, checks on employee training and awareness of information security are carried out.
For complete solution please download from the link below
(Some parts of the solution has been blurred due to privacy protection policy)