The purpose of this assignment is to develop a process for managing risk assessment, threat and vulnerability, and enforcement of policies, procedures, and controls within an organization.
Using a company of your choice, communicate your plan for managing risk assessments, threats, and vulnerabilities, and enforcing policies, procedures, and controls within the organization in a 10-15 slide PowerPoint presentation. The presentation should include speaker notes for each slide and should address the following.
Define operational risk assessment, threat and vulnerability management (TVM), and risk management.
Provide a flowchart that demonstrates the relationship between risk assessment, TVM, and risk management.
Detail the audit or security risk review (SSR) process to measure the effectiveness of risk management.
Provide a process flow for the TVM and how to periodically review the risks and measures in place (i.e., SSR).
Identify specific roles and responsibilities throughout the process.