Week Nine Assignments- Maps to Course Obj. 7
MesusaControls.xls (19.5 Kb)
Read/Review
: Chapter 9, Management of Information Security, 3e.
: Powerpoint Slides, Chapter 9, located in Course Documents, Lecture Notes
Learning Objectives - Week 9
• Understand and select from risk mitigation strategy options to control risk
• Identify risk control classification categories
• Use existing conceptual frameworks to evaluate risk controls, and formulate a cost-benefit analysis
Assignment 9.1
This assignment is worth 50 points.
One year ago, the Mesusa Corporation conducted a threat evaluation and created a list of threats, the cost per incident and the projected frequency of occurrence. During the year, Mesusa decided to implement controls designed to reduce the cost per incidence and the number of threats. The attached spreadsheet (top of page - MesusaControls.xls) indicates the pre-control cost and frequency of occurrence, the cost of controls for each type of threat, and the post-control cost and frequency of occurrence. Calculate the AROs, the ALEs and the CBA for this initiative, and return the completed spreadsheet.
Assignment 9.2 (post to the Week 9 Forum)
This assignment is worth 50 points; 25 points for your original posting, and 25 points for participation.
Once you have finished 9.1, present only your CBA totals to the forum. Describe which controls were worth the cost, which were not, and why. For those that were not, determine what alternative controls are available.
In your response, comment on whether you agree with the analysis and the recommended alternate controls.
Minimum Posting Requirements: You must post at least five messages to get credit for participation. The first message is your original posting, due no later than Wed. At least two of the other messages must be responses to other student original postings. This is a pass/fail type of grade. If you meet the minimum requirements you get the points. If you do not meet the minimum requirements, you'll get no points for participation. Messages must be posted on more than one day. Don't wait until the last minute!
Group Assignment-Week 9
This assignment is worth 50 points.
As a group, determine a best response to the Case Exercises for RWW, Inc. at the end of the chapter. Use your group forum area for discussion, located under the Groups button to the left...
Have one person in your group post the group consensus, labeled as "Week9 Post - Grade Me" to your group forum.
Assignment 9.3 (Post to your Blog)
This assignment is worth 20 points.
Time to start adding to that blog! If you are not sure what to include, you might want to re-read the assignment located at the top of the Week 1 Assignments.
Post your link to your blog in this drop box. If the link is not posted, the assignment is not considered to be submitted and will get a grade of zero.
No comments:
Post a Comment