Homework: Organizational Risk Assessment
In this homework you will be conducting a risk assessment. This will not be a technical risk assessment, but an assessment of your hypothetical organization/business. For your organization/business, take the NIST Cybersecurity Framework controls and reduce them to system configuration requirements and system test cases with pass/fail criteria. Refer to the "Framework for Improving Critical Infrastructure Cybersecurity," located within the Course Materials. Then, include the following in a report:
a. Describe when some controls cannot be implemented (such as on a personal laptop).
b. Explain what is to be done in each case identified above to compensate for controls that cannot be implemented (e.g., create an identification authentication scheme).
c. Demonstrate how compensating controls can ensure the non-compliant system can continue to operate within the secured and compliant environment.
d. Discern the likelihood of a cybersecurity breach within the compliant environment and the impact it might have on the organization (make sure to consider emerging risks, threats, and vulnerability).
Format your homework according to the give formatting requirements:
a. The answer must be double spaced, typed, using Times New Roman font (size 12), with one-inch margins on all sides.
b. The response also includes a cover page containing the title of the homework, the course title, the student's name, and the date. The cover page is not included in the required page length.
c. Also include a reference page. The references and Citations should follow APA format. The reference page is not included in the required page length.