Information security risk assessment report
create an information security risk assessment report for an organization.
Using the company selected for the Topics 5-7 assignments, write a security risk assessment report. Use the outline presented in Chapter 7 of Information Security Risk Assessment Toolkit: Practical Assessments Through Data Collection and Data Analysis, including the sections outlined below. Use information from the Topic 4-7 assignments to create the report.
Executive Summary
Methodology
Organizational Assessment
System Specific Assessment
Results
Organizational Risk Analysis, including review of emerging threats and trends, third-party assessments, and security metrics.
System Specific Analysis, including system characterization, threat identification, vulnerability identification, impact analysis, control analysis, likelihood determination, risk determination, control recommendations, and results documentation.