Week 6 Assignment – Mitigating Risks


There are multiple ways to bring threats and vulnerabilities to  light. Common practices and lessons learned can help us explore for  known or common threats.

Write a 3–4 page paper in which you:

  1. Explain the differences in threat, vulnerability, and exploit  assessments for information systems and define at least two tools or  methods to perform each type.
  2. Describe at least two tools or methods used to implement both  physical and logical security controls (four in total), then identify  the type of security personnel that would be used to implement each and  discuss their roles and responsibilities.
  3. Describe three considerations when translating a risk  assessment into a risk mitigation plan, then discuss the differences  between a risk mitigation plan and a contingency plan. 
  4. Explain the two primary goals to achieve when implementing a  risk mitigation plan and discuss the methods of mitigation for common information system risks.
  5. Use at least two quality resources in this assignment. Note:  Wikipedia and similar websites do not qualify as quality resources. The  Strayer University Library is a good location for resources.

The specific course learning outcome associated with this assignment is:

  • Examine the placement of security personnel and their functions in an organization.