Module 1 – SLP
The following two examples demonstrate how risk assessment can be conducted in certain situations. Watch these to get some basic ideas.
Analyze organizational structure from LinkedIn Learning
*Please note that the link above will open in a new window and may require activation of a LinkedIn account on the first attempt. Trident students may use their student email address to access this free subscription to LinkedIn Learning as a part of this course.
Practicing risk assessment fundamentals, processes, and matrixes provides one an opportunity to apply the learning in the real world. Choose an information system security domain of your organization or industry and apply what you learned from the case readings and SLP examples. You can choose to either assess comprehensively, or focus on two or three major perspectives with an in-depth discussion rather than covering all the aspects of risk assessment.
Use this non-graded activity to test your knowledge.
SLP Assignment Expectations
Please write a 2- to 5-page paper titled:
“Risk Assessment for ______ (your chosen information system security domain in your chosen organization/industry): Challenges and Solutions”
Address the following issues:
• Special requirements of risk assessment in your chosen information system security domain in your chosen organization/industry.
• Two or three major perspectives of risk assessment that you selected for an in-depth discussion.
• One or two major lessons learned from the examples that you would like to apply in your own risk assessment issue context.
• Key challenges and solutions of risk assessment.
• Your assignment will be graded according to the MSITM SLP Grading Rubric. (To see the rubric, go to Assessments>Rubrics. Click the arrow next to the rubric name and choose Preview.)
Required Reading
Sood, A. K. (2022) Empirical Cloud Security: Practical Intelligence to Evaluate Risks and Attacks. Mercury Learning, Chapters 1 – 2. Finding Skillsoft Books
Moore, R. O. (2022). Cyber Intelligence Driven Risk: How to Build, Deploy, and Use Cyber Intelligence for Improved Business Risk Decisions, audio book, Audio 1 – 3. Finding Skillsoft Books
Blum, D. (2021). Rational cybersecurity for Business: The security leaders’ guide to business alignment. APress. Chapters 1-3. Finding Skillsoft Books
Security Risks: Key Risk Terms & Concepts. Finding Skillsoft Books
Mitigating Security Risks: Cyber Security Risks. Finding Skillsoft Books
Optional Reading
Allen, B. J. and Loyear, R. (2018). Enterprise security risk management: Concepts and applications. Rothstein Publishing. ISBN: 9781944480448 Chapters 4 – Chapter 9. Books 24/7 Version. Available in the Trident Online Library.
Nieles, M., Dempsey, K., and Pillitteri, V. Y. (2018). An introduction to information security. National Institute of Standards and Technology. NIST Special Publication 800-12 Revision Chpt 4 – 5, p. 20 -33
(2017) NIST Document: Security and privacy controls for information systems and organizations. Draft NIST Special Publication 800-53 Revision 5, Chapter 3 (p. 15-80)
Schurr, M., Tuya, M. D., Noll, K. (2017). Risk-informed decision making in Information System Implementation Projects: Using Qualitative Assessment and Evaluation of Stakeholders’ Perceptions of Risk. Proceedings of the 50th Hawaii International Conference on System Sciences. 6120-6219. (Documents is in resources).