By 31st MAY 2019
Effective cyber security risk management is much more than a technology solution, it must be integrated into an organisations day-to-day operations. A company must be prepared to respond to the inevitable cyber incident, restore normal operations and ensure that company assets and the company's reputation are protected.
In this assessment, you must perform a risk analysis of a scenario organisation's cyber risk, identify threats and vulnerabilities of information assets, forecast the consequences of a successful attack and recommend how each threat should be treated.
The risk assessment needs to be able to cater for hardware, software and network failures, be they accidental or deliberate.
The risk assessment will allow you to explore the application of cyber security principals to a scenario organisation. A list of scenario organisations will be provided to you no later than week 3.
A detailed marking matrix is available to all enrolled students on the unit iLearn site. Marking criteria in the marking matrix includes evaluation of understanding of risk assessment concepts, written expression, referencing, structure and layout and workability.
It should be noted that this assessment is based around your understanding of preparing a risk assessment and applying risk management principles, it is not based around your technical expertise or knowledge. You should, however, try to provide realistic details around your risk assessment as much as possible. Allowances will be made to the fact that you do not have access to detailed information about the systems, networks etc of your chosen scenario organisation. In this case, it is acceptable for you to make an educated evaluation (or guess) to the type of systems that may be in place in your scenario organisation and use these as the basis of your risk assessment.
This assessment is the major piece of work in the unit and is worth 50% of the total mark. This assessment should be completed by all students.
You must ensure that you provide good argument for the treatment options that you choose. These should be based on analysis and assessment and supported by research/academic evidence. Although this is not a research essay, it is still important to support your opinions and/or treatment options, I would, therefore, expect to see a minimum of 20 citations in this piece of work. Direct quotes should be used sparingly and should not fill up the report.
The risk assessment report should be 3,500 words plus or minus 10%. The word limit includes footnotes and footnoted references, but not bibliography, or title page. If the number of words exceeds the limit by more or less than 10%, then penalties will apply. These penalties are 5% of the awarded mark for every 100 words over or under the word limit. If a paper is 300 words over, for instance, it will lose 3 x 5% = 15% of the total mark awarded for the assignment. This percentage is taken off the total mark, i.e. if a paper was graded at a credit (65%) and was 300 words over, it would be reduced by 15 marks to a pass (50%)
Marks will be available to students within three weeks of submission at the latest.
Please use either SAGE Harvard or Oxford referencing styles only. All essays will be checked through plagiarism software. If you are unsure how to reference or cite properly, please ask, to ensure that you do not fall foul of plagiarism rules.