Assignment 1: Risk ManagementDue Week 2 and worth 120 pointsIt is an accepted truth that without risk there can be no gain. Every individual and organization who wants to succeed must take some risks.
Grading for this assignment will be based on answer quality, logic / organization of the paper, and language and writing skills, using the following rubric.
Points: 120 | Assignment 1: Risk Management | |||
Criteria | Unacceptable Below 70% F | Fair 70-79% C | Proficient 80-89% B | Exemplary 90-100% A |
1. Contrast risk, threat, and vulnerability. Weight: 10% | Did not submit or incompletelycontrasted risk, threat, and vulnerability. | Partially contrasted risk, threat, and vulnerability. | Satisfactorily contrasted risk, threat, and vulnerability. | Thoroughly contrasted risk, threat, and vulnerability. |
2. Explain the relationship between risk and loss. Weight: 10% | Did not submit or incompletely explained the relationship between risk and loss. | Partially explained the relationship between risk and loss. | Satisfactorily explained the relationship between risk and loss. | Thoroughly explained the relationship between risk and loss. |
3. Describe risk management and assess its level of importance in information security. Weight: 25% | Did not submit or incompletely described risk management and did not submit or incompletely assessed its level of importance in information security. | Partially described risk management and partially assessed its level of importance in information security. | Satisfactorily described risk management and satisfactorily assessed its level of importance in information security. | Thoroughly described risk management and thoroughly assessed its level of importance in information security. |
4. Argue the need for organizations to take risks with its data. (e.g., Is it a risky practice to store customer information for repeat visits.) Weight: 25% | Did not submit or incompletely argued the need for organizations to take risks with its data. (e.g., Is it a risky practice to store customer information for repeat visits.) | Partially argued the need for organizations to take risks with its data. (e.g., Is it a risky practice to store customer information for repeat visits.) | Satisfactorily argued the need for organizations to take risks with its data. (e.g., Is it a risky practice to store customer information for repeat visits.) | Thoroughly argued the need for organizations to take risks with its data. (e.g., Is it a risky practice to store customer information for repeat visits.) |
5. Describe the necessary components in any organizational risk management plan. Weight: 15% | Did not submit or incompletelydescribed the necessary components in any organizational risk management plan. | Partially described the necessary components in any organizational risk management plan. | Satisfactorily described the necessary components in any organizational risk management plan. | Thoroughly described the necessary components in any organizational risk management plan. |
6. 2 references Weight: 5% | No references provided. | Does not meet the required number of references; some or all references poor quality choices. | Meets number of required references; all references high quality choices. | Exceeds number of required references; all references high quality choices. |
7. Clarity, writing mechanics, and formatting requirements Weight: 10% | More than 6 errors present | 5-6 errors present | 3-4 errors present | 0-2 errors present |