Risk Management Plan

by

For the final assignment, you must design a corporate risk management plan for FSB as part of their corporate security program. The format for the plan must be as follows:

  1. Introduction State of the Organization
    1. corporate management of systems and applications
    2. threats every organization or institution faces in the era of mobile and cloud computing
    3. Organizational chart
    4. Network diagram
  2. Objectives of the Risk Management Plan Risk Statement with a definition of IT emergencies, ranking the nature of incidentswhether they are natural, technical, human resources, or cyber-threats.
  3. Business Impact Analysis (BIA) for FSB
  4. Plan of Action and Milestones (POAM) Action Plan for Incident
  5. Risk Reduction Strategies for Mobile Device Management (MDM)
  6. Tool recommendations
  7. Response and Risk Management
    1. Strategies to assess and mitigate risk and maintain privacy when cloud computing is used in a production environment.
    2. Sequence, workflow, or flowchart illustrating the steps to follow when responding to an incident.
    3. Steps to follow and recommended tools to use to perform a vulnerability assessment.
  8. Disaster Recovery Sites Remote Locations
    1. IP lines redirect to a different location inside the organization (cold site).
    2. Temporary IT center contracted for the purposes of partial recovery of business functions (hot site).
  9. Inventory – Hardware and network architecture, databases, and applicationsclassified in criticality levels.
  10. Backup Strategy that documents protection and electronic files replication.
  11. Transfer Strategy – Steps to follow to transfer operations to a remote location.
  12. Testing Plan for implementing drills, including frequency and results reporting.
  13. Plan Distribution
  14. User Awareness and Training of Emergency Committee Personnel

Length: 15-17 page technical paper – APA

References: Minimum of 10 scholarly resources

Resources:

Ali, M., Khan, S. U., & Vasilakos, A. V. (2015, June 1). Security in cloud computing: Opportunities and challenges. Information Science, 305, 357-383.

Brennan, J. (2018). The role of intelligence in corporate security. Security Solutions for Enterprise Security Leaders, 55(5), 22.

Georg, L. (2017). Information security governance: Pending legal responsibilities of non-executive boards. Journal of Management & Governance, 21(4),