Assessment Description: Organizations exist in a globally competitive environment where there are threats such as natural disasters, geopolitical threats, and cybersecurity risks. As such, organizatio

Assessment Description:

Organizations exist in a globally competitive environment where there are threats such as natural disasters, geopolitical threats, and cybersecurity risks. As such, organization leaders must develop a business continuity plan to ensure the successful continuation of the organization during a period of disruption. Students will conduct a risk assessment, and business impact analysis, and create a business continuity plan for their selected organization. Students will use the virtual system and vulnerability assessment tools to simulate systems security vulnerabilities within the organization's business application systems.

Part 1:In 750-1,100 words, conduct a qualitative risk assessment and assess the impact the risk will have on the organization after conducting a vulnerability scanning of the provided systems. Address the following: 

• Identify critical systems and their impact on the organization.
• Highlight high-risk findings and recommend mitigation strategies.
• Explain what is to be done in each case identified above to compensate for controls that cannot be implemented (an alternate control).

Part 2:In 750-1,100 words, develop a contingency plan to include: business continuity, disaster recovery, and incident response. This will not be a technical risk assessment, but an assessment of the organization selected. Address the following: 

• Explain the contingency plan to address and prioritize compliance gaps.
• Provide a cost/benefit analysis.
• Describe when some controls cannot be implemented (because implementing these controls will reduce business functionality or endanger human lives).
• Demonstrate how compensating controls can ensure the non-compliant system can continue to operate within a secure and compliant environment.
• Differentiate the likelihood of a cybersecurity breach within the compliant environment and its impact on the organization (make sure to consider emerging risks, threats, and vulnerabilities).

Part 3:

• For your organization, take the NIST cybersecurity framework controls and reduce them to system configuration requirements and system test cases with pass/fail criteria.

Note: Retain a copy of this assignment for the Business Continuity Plan, which will be finalized and submitted in either CYB-690 or ITT-660, depending on your major. 

Prepare this assignment according to the guidelines found in the APA Style Guide, located in the Student Success Center.This assignment uses a rubric. Please review the rubric prior to beginning the assignment to become familiar with the expectations for successful completion.You are required to submit this assignment to LopesWrite. A link to the LopesWrite technical support articles is located in Class Resources if you need assistance.