ITEC – 6610 Week 3 Project – Risk Assessment

Project: Introduction

This assignment is the first part of a Project that continues through different phases for the remainder of the course.

To prepare for this Project, consider that you are the employee of a large, fictitious organization. Provide a name for the organization. Do not use the name of a real organization. Create a detailed background of the organization, addressing the following items:

Don't use plagiarized sources. Get Your Custom Essay on
ITEC – 6610 Week 3 Project – Risk Assessment
Get a plagiarism free paperJust from $13/Page
Order Essay
  • Country where the headquarters is located
  • Nature of the business
  • General organizational structure (including lines of authority and communications)
  • Country/ies of operation

You are a member of the information security team at the organization that you have described, and you will address the responsibilities of your role in future Weeks.

You will refer to this same fictitious organization that you create for this assignment in the Projects assigned in the following Weeks. This Project will involve identifying a gap related to identity and access management, choosing an identity and access management tool, and presenting your results to your management. You will also develop security metrics and a high- level security strategy that shows key goal indicators that are well aligned with business objectives and present your results to your management and executives. Keep this in mind as you work through these assignments.

Risk Assessment

Successful information assurance programs apply industry standards and best practices to identify security risk and then form dynamic, crossfunctional teams, when required, to develop a plan to address these gaps in a way that is sensitive to the needs of key stakeholders.

To prepare for the Project in this Week, assume that the fictitious organization is large and growing rapidly, with both internal and external IT risks involving employees, customers, business partners, suppliers, and contractors. Clearly state any other assumptions you make.

You have been asked to assess risks associated with access and authorization in your organization. Develop a brief scenario that depicts a threat related to access and authorization. Below are two example use cases for a single scenario to guide you. You will need to develop your own scenario as well as your own use cases.

Use Case 1: Employee Provisioning—There needs to be an enterprise process for employee account provisioning. This should include setting up employees with the correct access rights, based on their role. When employees change roles, their access should be appropriately changed. Today, employees are given access to resources using Active Directory groups. When they go to a new job, the old access rights often are not removed like they should be, and this is a security concern.

Use Case 2: Separation of Duties—Administrators need a high level of access for their jobs. Today, their credentials allow them to administer servers and create accounts locally on the servers and in Active Directory. They can also edit log files and delete accounts and groups in Active Directory. This is a security concern, and roles should be set up so server administrators can do their job but not the job of an Active Directory administrator. The role that is allowed to create accounts should not be able to create new roles, and managers should approve new accounts. Keeping an administrator’s access in line with his or her role is a best practice, and it may be required by regulations such as Sarbanes-Oxley.

Please develop at least two others and explain them.

Write a 5- to 7-page paper about the risk assessment process that you plan to perform. Cover the following points:

  • Your introduction should include the following background information:
    • The country where the headquarters is located
    • The nature of the organization’s operations
    • The general organizational structure
    • The country/ies in which the organization operates
  • In describing the scenario and the two use cases you created, you should include the following regarding risk assessment planning:
    • How your team plans to perform the risk assessment and identify the gap
    • What other teams would be involved in a successful risk assessment
    • How poor access and authorization management affects security risk and business processes
    • Who the stakeholders are and the most important activities they may perform that involve accessing data and resources

Homework Valley
Calculate your paper price
Pages (550 words)
Approximate price: -

Our Advantages

Plagiarism Free Papers

All our papers are original and written from scratch. We will email you a plagiarism report alongside your completed paper once done.

Free Revisions

All papers are submitted ahead of time. We do this to allow you time to point out any area you would need revision on, and help you for free.

Title-page

A title page preceeds all your paper content. Here, you put all your personal information and this we give out for free.

Bibliography

Without a reference/bibliography page, any academic paper is incomplete and doesnt qualify for grading. We also offer this for free.

Originality & Security

At Homework Valley, we take confidentiality seriously and all your personal information is stored safely and do not share it with third parties for any reasons whatsoever. Our work is original and we send plagiarism reports alongside every paper.

24/7 Customer Support

Our agents are online 24/7. Feel free to contact us through email or talk to our live agents.

Try it now!

Calculate the price of your order

We'll send you the first draft for approval by at
Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

We work around the clock to see best customer experience.

Pricing

Flexible Pricing

Our prices are pocket friendly and you can do partial payments. When that is not enough, we have a free enquiry service.

Communication

Admission help & Client-Writer Contact

When you need to elaborate something further to your writer, we provide that button.

Deadlines

Paper Submission

We take deadlines seriously and our papers are submitted ahead of time. We are happy to assist you in case of any adjustments needed.

Reviews

Customer Feedback

Your feedback, good or bad is of great concern to us and we take it very seriously. We are, therefore, constantly adjusting our policies to ensure best customer/writer experience.

See all services