Answered You can buy a ready-made answer or pick a professional tutor to order an original one.
Can you help with my project? Dur date is 8/30/2016Term Paper: Managing Organizational RiskDue Week 10 and worth 150 pointsNo longer than a decade ago, IT security professionals had to work hard to pe
Can you help with my project? Dur date is 8/30/2016
Term Paper: Managing Organizational RiskDue Week 10 and worth 150 points
No longer than a decade ago, IT security professionals had to work hard to persuade organizational leaders about the importance of developing effective risk management plans. Nowadays, due to the plethora of cautionary tales that organizations history provide, business leaders are informed on the need to manage risk and understand the crucial role of an organization’s IT infrastructure on its ability to perform business.A computer incident response team (CIRT) plan can help prepare organizations for incidents that might occur.
Write an eight to ten (8-10) page paper in which you:
- Describe the objectives and main elements of a CIRT plan.
- Analyze the manner in which a CIRT plan fits into the overall risk management approach of an organization and how it supports other risk management plans.
- Provide at least two (2) examples of how CIRT plans define the who, what, when, where, and why of the response effort.
- Analyze the manner in which the development of a CIRT plan enables management to adopt a more proactive approach to risk management. Include recommendations for remaining proactive in the continual improvement and update of CIRT plans.
- Infer on the evolution of threats over the last decade that organizations must now consider.
- Predict the evolution of regulatory requirements mandating risk management processes and plans.
- Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
- Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
- Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
- Create a Computer Incident Response Team (CIRT) plan for an organization in a given scenario.
- Use technology and information resources to research issues in IT risk management.
- Write clearly and concisely about topics related to IT risk management using proper writing mechanics and technical style conventions
- @
- 165 orders completed
- ANSWER
-
Tutor has posted answer for $40.00. See answer's preview
********** ************** RISKStudents Name:Professors *********** ************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************* **** ***** become **** frequent *** sophisticated ****** *** ******** ** * ******** ******** ******** **** a **** *** ************* Risk assessment *** ************** of the resulting security *************** *** ***** *** amount of ************ ********* *** ***** will always ** one ** *** cases ***** ******* *** ******** to an ****** **** ******** *********** and ******** ** ******** ************* **** ** **** * CIRT **** which ******** of the following ************** **** **************** ******* **** *** *** *** **** **** ***** For ************* **** offices in ******* ************ ***** *** **** need ** state ***** **** ** ****** * **** *** be ********* ************ *** the ************ ** ******** *** *** ******* of *** organization * ******** **** **** **** ********* ******** connections *** ********** *** ** ******** ***** ****** ************ **** ** *********** suppliers *** ********* *** **** should **** ***** ************ **** information ******* ** ****** *** *** *** organization ***** with IT ***** ******* *** **** of ******* that the **** covers will help ** setting up *** incident response ***** for ******** if *** **** **** *** ***** ***** ******* ****** *** ************* ** ** ** ** point having the ***** ************* in *** ******* ******** ******** ******** ******* ******** of *** plan ********** *** ******* of *** **** ** the **** ****** *** ****** ************* ******* ******* *** ** ***** **** all ******** ** *** **** In most ***** there is usually a central team *** other ******** teams that ***** ******** offices *** ******** teams **** ****** incidents **** **** ****** *** **** ******* ***** the central team ******* incidents affecting multiple ******* ** *** entire ************ *** CIRT ****** ** ********* ******* of *** ********* personsIT ******** manager- This is *** person *********** *** the ************* *********** systems security As *** ****** ** *** IS ******** *** IT security program manager is **** *** ******** of the ******** response **** *** ********** ******** **** ***** He ******* *** ****** *** ******** ************* authorizing *** use ** ********* *** information ******* during the ******** ************* ** **** ensures ************* ********** *** ******** ****** ************* ** well ** ******** whether or *** ******* professional ********** ** ******** *** a ********** ************** ********* ******** **** is *** ****** *********** *** updating *** media *** ******* ****** on the ********* *** *** *********** ******** ** ********** by the IT security ******* ******* In ******* circumstances only **** ******* have ****** ******** officers **** ***** ******** ******* ******** ** ******* ***** ***** *********** ** *** *********** ********* ********** ****************** ****** ** *********** for ******** that *** team **** *** violate ************ rights during ******** ************* In case *** investigation finds *** **** ** ******** ** *********** *** the incident the ********* ********** representative takes *** ****** ** for *********** ************ ************* *** ******** ***************** database ************* **** ** in the **** if *** ******** is compromised by the ****** He **** ** *********** for determining ** data *** ******** ******** ************ have **** altered ****** administrators ******** **** *** ****** ******** and software *** ********* **** a **** ************* ** *** ************* ** systems This ********* ** valuable to **** ** the ******** ******** ****** forensic ******* ******** ****** ** ******** ** ****** **** *** ******** investigation ** ********* in * ****** manner with *** *** evidence collected and ****** ******** ******* the ******** ***** *** ********** **** help *** ************ ** case **** wish ** ********* the ****** *********** *** the ************* ********** *************** ***** officer ********** with computer security *** ******* laws ****** ** present in *** **** **** ****** **** ****** **** *** **** **** *** violate ******* laws ****** ************* while **** *********** ********* of ********* ******* *** organization This ****** ******** *** *********** agencies ** **** the company wishes ** pursue legal ******* ** *** ****** ******************* ******** and ********* proceduresIncident reporting ************ ************ should ******* ******** ********* ********** ** ****** **** all ********** ********* *** ******** ** *** ***** ****** on time **** ***** ******* * standard web ** paper **** **** should be ****** *** **** ** * specific ****** ****** *** ************* ******** ******** reporting **** ******* of the following ************* Date **** *** ******** ** ********* the **** and *** time *** ******** and ** ************* ** *** **** *** ******** ****** **** of ****** ***** ******** ******** of the ********* *** ************ location ** the systems ***** ******** ******* *********** of *** ******** reporting ******** **** of ****** being ******** *** web ****** ****** server ******** serverØ ***** *********** ** *** incidentØ ******* information ** *** information security *************** handling **************** ********** ******* *** incidents ****** ** ************ and ******* Two major philosophies *** available for *** ****** incident ********* ********** and ********* *** ************ and ************ ************ The ************* *** ********** **** have ** make a ****** ******* ***** *** philosophies *** *** ** *** organization *** ********** and ********* ****** ******** *********** *** unauthorized ****** was gained ** *** ****** ********* ******* ** ***** ****** ***** *** ******* ******** the ************ access ******* ** ******* ******* ************ ***** ********* ** a **** plan ** to ****** **** ** organization builds ******** ******** ******** A team ** ******* **** *** *** ********* resources *** ********* ** *********** and ****** incidents ******** **** ***** *** **** **** ***** ** ****** *** **** *************** ** **** ** *** * ***** meaning ** *** organizationA risk management plan involves risk ******** ***** ** * ********* *** ********** *** **** ** ******** ******* assets and the ********* **** because of *** ********** ******* **** ******* ********** *** ****** ************ *** ******** a ***** for establishing * **** ********* ******** controls program- the **** of *********** *** **** ****** not ****** the ******* **** ********** **** the **** *** ********* identifies the ******** ******** ******** ********** vulnerabilities and ********* *** effect of ******* ** **** **** ** vulnerability ** **** ******** *** following ************* *** importantAsset- refers to ******** **** *** ** of ***** and ***** **************** – *** ********** or ********** ****** **** the potential to ***** ****** ** ******************** is * ********* ** ******** that can ** exploited ** ***** **** to assetsCounter ********* ******* ** ******* that *** ****** *********************** ***** The anticipated ******** impact ** assets *** ** ****** manifestationImpact * ****** ** a ****** of ****** ******** *** ******** ********* ** one ** ********** ***** **** ***** *** ******** used in *********** *********** *********** ****** of ******* ********** *** Modification Risk ********** **** ***** determine whether *** ******** ******** ******** Team plan is ********** *** an ************* ** ******** *** ********* ****** vulnerabilities *** expected ****** ** case ********* ********* PLAN who **** ***** **** *********** plans ******* ****** the ***** ** each **** ********* IT ******** ******* manager is *** director of *** ******** **************** ****** ********* officer ** the ***** ** contact between the media *** *** organizationThe **** ****** **** ******* are ******** ** *** ******** ********* formIf *** ******** ** ******** *** ******** ********* form will ******* ******** soThe central **** ******* incidents covering **** **** one ******** ****** ***** *** ******** ***** ******* ********* ** ***** ********** **** ******** ****** ****** *** time *** ***** ** ********** ** an ************ **** ***** ******* why certain ******* ** *** team **** ** be there The ***** ******* ** ******** ** ensure *** **** does *** ***** the *** ***** *** ****** ************* ******** an ** ***** ********* on the systemsCIRT **** ********************* * **** **** helps an organization ** **** ******** *** any **** of incidents **** **** ******* that *** ************ recovers from disasters ** minimal **** ******** *** **** ** **** *** *********** ************ is ******* to ******* A team ** ****** ** ***** **** * ***** ******** reporting mechanism *** available resources for ******** ******** The ********* is recommended *** * successful *** ********* CIRTØ ****** **** *** team ******* are **** ********* ******** ******** ******** ** ********** ************** Continually ****** and ****** ******** ******** ****** ********* *** ******** ********* ** *** ******** ******** teamEvolution ** ****************** ********** *** ************ the cyber space ** *** ******* growing ****** with ****** ********* in *** ***** ***** * **** ** ******** to ******* ** *** ******** *** growth of *** internet *** ********** *** ******** ******** ********* and ************ **** *** *** effective means ** ******** **** *** ******* Cyber ******* **** ******* ******* **** *** last ****** ***** *** lives **** ****** more ********* on *********** technology ** **** online ********* ****** *********** ****** and ***** ********* ****** This ********* reliance on ** has **** *** ******** a **** fishing ground for ******* *** ******** ****** *** following ***** threats **** ******* ******* **** *** last ************** ******** ******** ** * ****** deceiving ********* used ** ******* ** **** you to * malicious ******* ***** ********* **** may ** installed ** ** **** ******** ** **** anonymous ****** that **** maliciously ******* attachments **** varying **** ********** **** may **** you ** ********** **** ******** ** ********* ************** *********** **** **** ** *********** ********* since ** ******* ** ********** ******* ** *** **** *********** ********** their information *** example a **** ******* *** internet *** ** ********* to ********* *** ***** alerts *** *********** *** for **** ** **** ** *** ******* *** ****** ******** ******** and ********* *********** including ********* are ******** ***** ******** may ****** to **** **** ** ********* ** ******* ** **** ***** ******* **** ** sometimes ****** to ** **** ********************* are * collection of software ****** that are remotely ********** ** the ********** ******** * group ** ******** ********* These ********* can **** **** ****** ********** *** ***** of ********* **** *** use your ******** as **** of * denial ** ******* ****** computers have evolved *** *** ***** **** ********** ****** and ******* ******** and **** ******** machines ****** ** ******** denial ** ******* ************* *************** Organizations have become ************ ******* on ********** mail for both ******** *** ******** communications *** all employees ** *** ************ are ** ************* *** **** ** **** **** **** ******** ***** ***** trying ** ********* ** email alerts ** ******* ********* ****************** ******* and ************ ******** ******** ****** ******* *** ************ personal devices **** ***** ** **** * *** cyber ****** **** ******** new ******** ********** These devise *** ** moved ** ********* to ********* ****** and ******* **** ******* **** *** *** **** ***** ********* ********* may *** ***** ******** devices ** connect ** *** organizations ******* *** ********* *** of ***** ******* *** necessitated new security policies **** ** ***** **** *** ****** (BYOD) ****** *** *** *** of ****** ****** ********** software ** ******* *** companies ******** ****** on ****** **************** ** ********** *************** ***** ** becoming ************ interconnected *** an ****** ** *** network ***** ****** ****** ** other ******* ** peer ******** Owing ** **** **** **** ********** *** standard *********** ****** are ***** ** demand **** *** systems *** ******** follow ***** *** ********* ** ******** incidents of ************* **** ************* **** ** ******** ********* *** ********* *** ********** ***** and **** others are ***** to ****** that ******* ****** ** ***** one industry ******** risk ******** *** ********** ******************* ********** * ***** August *** ******* *************** *** ******** ********* from ***** wwwicannorg/threats-vulnerabilities-and-exploits-oh-my2 ****** ********* ***** *** Aug) An ************ ** *********** **** assessment ********* **** ****************************************************************************** **** ********* *** Millar *** Grance Karen ******** ****** ******** security ******** ******** guide ********* from ********************************** David Alder Kenneth L ******** ** ************ * computer ******** ******** **** ********* **********