Performcybersecurityriskassessments ICTCYS608
- Subject Code :
ICTCYS608
ICTCYS608
Performcybersecurityriskassessments
ProjectPortfolio
|
Studentname: |
Studentmustcompletethissection |
|
StudentID: |
Studentmustcompletethissection |
|
Date: |
Studentmustcompletethissection |
|
Business this assessment isbased on: |
KingEdwardVIICollege |
Section1:Riskassessmentplanning
|
Thebusiness Describe the business including:productsandservicessupplied environment in which it operatesandimpactintermsofcybersecurity requirementsforcybersecurity appetite for risk, including inrelationtocybersecurity current arrangements in place forrisk management, including the riskregister |
The student must describe the business as per the criteria listed. Refer the AssessmentTask2-Appendix1page3onwardsfordetails. |
||||
|
Legislation Describe legislative requirementsthat apply to cyber security and which the organisation must complywith.Giveatleasttwoexamples. |
The student must describe legislative requirements that apply to cyber security. Refer thelearnerguideforinformation. |
||||
|
RiskAssessmentPlan Documentyourplanforrisk assessmenthere.Includeallactions that you will take, as well asresponsibilities and timelines. |
Action |
Responsibility |
Timeline |
||
|
Identifyinformation assetsthatcanbe affectedbyacyber attack. |
|||||
|
Identify cyber security risksthatcanaffect assets |
|||||
|
Create a cyber security specific risk register |
|||||
|
Analyse risks and select control measures |
|||||
|
Document findings in the risk register |
|||||
|
Communicate findings to stakeholdersandseek feedback |
|||||
|
Finaliseriskassessment |
|||||
|
Feedback |
(YourName) |
|
Writeanemailtomanagement (your assessor) here summarisingyourplanfortheriskassessmentandseekingfeedback. |
(Yourposition) (DATE) DearManagement, |
|
(You submit your portfolio to yourassessoratthisstageforhis feedback.Yourassessorwill complete the net Feedback sectioninsection2byincludinghis feedback) |
Summaryoftheriskassessment (Your email body must be here. You must summarise your risk assessment plan here and request for his feedback on that.) Kindregards, (YourName) |
Section2:Riskassessment
|
Feedback Document the feedback you receivedhereinrelationtoyourrisk assessment plan. Explain how you will incorporate thisfeedback into the risk assessmentprocess. |
After the assessors feedback here, you must explain how you will incorporate this feedback into the risk assessment process. |
|
Riskassessment You are to conduct a riskassessment. Populate a risk register in a format ofyourchoice.Includethetitleofyourrisk register here and attach it to yourPortfolio. Your risk register must include at least five relevant cyber securityrisks, the consequences of the riskandlikelihood,aswellashow acceptabletheriskisorisnottothebusiness and risk controls that shouldbeputinplaceaswellas benchmarkstoassessthe effectivenessofriskcontrols. Note that the cyber security risks youidentifycanbehighlevelrisks,as well as risks related to cyber securityattacks. Your risk register should also allowyoutorecordareaswhereyou believethattheorganisationmayormay not have sufficient measures in place. The risk control measures yousuggestshouldreflectanyareas where you believe additional controlsare required. |
Thestudentmustincludethetitleoftheirriskregisterhereandattachittotheir Portfolio. When you prepare your risk register, refer the Assessment Task 2 - Appendix 1 page 3 onwards for information. |
|
Riskassessmentsummary Include a summary of your findingshere including:
Which of the risks that you haveidentifiedareoutsideofthe |
The student must document their risk assessment summary here which will be basedontheirriskregister. |
|
organisationsriskappetite. Theactionsormeasuresthatyouhave proposed to ensure that risksare controlled. An area of non-compliance that youhaveidentifiedintermsoftheorganisations existing operations andyourintendedsolutions. |
