Mitigation Plan

MIS607 Assessment 3 Mitigation Plan for Threat Report

Course: MIS607

 

Task Summary

For this assessment, you are required to write a 2500 words mitigation plan for threat report based on knowledge you gained about threat types and key factors in Assessment 2. You are required to use the Assessment 2 case as context to write a report to address or alleviate problems faced by the business and to protect the customers. In doing so, you are required to demonstrate your ability to mitigate threat/risks identified in Assessment 2 through the strategy you recommend (STRIDE).

Context

Cybersecurity help organizations to mitigate threats/risks, reduce financial loss and safety violations, decrease unethical behaviour, improve customer satisfaction, and increase efficiency, as well as to maintain these improved results. Threats can be resolved by Risk Acceptance (doing nothing), Risk Transference (pass risk to an externality), Risk Avoidance (removing the feature/component that causes the risk) and Risk Mitigation (decrease the risk). This assessment gives you an opportunity to demonstrate your understanding of cybersecurity and your capability to explain Risk Mitigation strategies for such threats. Mitigations should be chosen according to the appropriate technology and resolution should be decided according to the risk level and cost of mitigation.

Task Instructions

1. Read the Assessment 2 Case Scenario again to understand the concepts discussed in the case.

2. Review your subject notes to establish the relevant area of investigation that applies to the case. Reread any relevant readings that have been recommended in the case area in modules. Plan how you will structure your ideas for the mitigation plan for threat report.

3. The mitigation plan for threat report should address the following:

• Setting priorities for risks/threats

• Analyse the case in terms of identified risk categories and scenarios

• Apply standard mitigations

• Discuss specific resolutions for improvement, and justify their significance

• Provide recommendations for mitigating risk based on an assessment of risk appetite, risk tolerance and current risk levels (Choose techniques to mitigate the threats)

• Make recommendations to the CEO on how to conduct risk management, key issues involving your process improvement model, including a road map, the identification of appropriate technologies for the identified techniques, communicating the strategy, and a suggested timeline.

4. The report should consist of the following structure:

A title page with subject code and n ame, assignment title, student’s n ame, student , and lecturer’s n ame.

The introduction that will also serve as your statement of purpose for the report. This means that you will tell the reader what you are going to cover in mitigation plan report. You will need to inform the reader of:

a) Your area of research and its context (how to mitigate or manage threats)

b) The key concepts you will be addressing

c) What the reader can expect to find in the body of the report

The body of the report will need to respond to the specific requirements of the case study. It is advised that you use the case study to assist you in structuring the report. Set priorities for identified threats from assessment 2, analyse the case in terms of identified risk categories and discuss specific resolutions and recommendations for improvements in the body of the report.

The conclusion (will summarise any findings or recommendations that the report puts forward regarding the concepts covered in the report.

5. Format of the report

The report should use font Arial or Calibri 11 point, be line spaced at 1.5 for ease of reading, and have page n umbers on the bottom of each page. If diagrams or tables are used, due attention should be given to pagination to avoid loss of meaning and continuity by unnecessarily splitting information over two pages. Diagrams must carry the appropriate captioning.

6. Referencing

There are requirements for referencing this report using APA referencing style for citing and referencing research. It is expected that you used 10 external references in the relevant subject area based on readings and further research.

7. You are strongly advised to read the rubric, which is an evaluation guide with criteria for grading the assignment—this will give you a clear picture of what a successful report looks like.

Submission Instructions

Submit Assessment 3 via the Assessment l ink in the main navigation menu in MIS607 Cybersecurity. The Learning Facilitator will provide feedback via the Grade Centre in the LMS portal. Feedback can be viewed in My Grades.