Assignment:
Queation 1: Organize the qualitative risk assessment data according to the following:
Review the executive summary from the Performing a Qualitative Risk Assessment for an IT Infrastructure lab in this lab manual.
Organize all of the critical "1" risks, threats, and vulnerabilities identified throughout the seven domains of a typical IT infrastructure.
Question 2: Describe the purpose of prioritizing the risks prior to creating a risk-mitigation plan.
Question 3: Describe the elements of an IT risk-mitigation plan outline by covering the following major topics:
Executive summary
Prioritization of identified risks, threats, and vulnerabilities organized into the seven domains
Critical "1" risks, threats, and vulnerabilities identified throughout the IT infrastructure
Short-term remediation steps for critical "1" risks, threats, and vulnerabilities
Long-term remediation steps for major "2" and minor "3" risks, threats, and vulnerabilities
Ongoing IT risk-mitigation steps for the seven domains of a typical IT infrastructure
Cost magnitude estimates for work effort and security solutions
Implementation plans for remediation
Question 4: Create a detailed IT risk-mitigation plan outline by inserting appropriate subtopics and sub-bullets.