Chat with us, powered by LiveChat Risk Assessment Policy - EssayAbode

28 Sep Risk Assessment Policy

Posted at 09:26h in business by

Order Instructions

Student Name:

Date:

 

Part 1: Risk Assessment Policy

 

Locate and read the Risk Assessment Policy in the NIST Cybersecurity Framework Policy Template Guide. Research online for a real-world implementation example of the policy and compare the NIST policy template with the template side by side. https://www.cisecurity.org/wp-content/uploads/2020/07/NIST-CSF-Policy-Template-Guide-2020-0720-1.pdf

 

Answer the following questions clearly and systemically in this Word document. Make sure to include a References section toward the end of the document.

 

1. The Risk Assessment Policy is implemented for which NIST function and sub-categories? [5 points]

 

Answer:

 

2. Which organization is the implementation example you identified for? Which industry sector (e.g., education, government, etc.) is the organization in? [5 points]

 

Answer:

 

3. What is the purpose of the example policy? Which party (parties) does the policy apply to? Who is/are responsible for implementing this policy? [5 points]

 

Answer:

 

4. As compared to the NIST policy template, how is the example policy customized to fit the needs of the specific organization? Describe two occurrences of the customization in detail. [10 points]

 

Answer:

 

5. If specified in the example policy, what criteria are defined to verify the organization’s compliance to the policy? If not specified in the example policy, what are your recommendations? [5 points]

 

Answer:

 

Part 2: Access Control Policy

 

Locate and read the Access Control Policy in the NIST Cybersecurity Framework Policy Template Guide. Research online for a real-world implementation example of the policy and compare it with the NIST policy template side by side.

Answer the following questions clearly and systemically in this Word document. Make sure to include a References section toward the end of the document.

 

1. The Access Control Policy is implemented for which NIST function and sub-categories? [5 points]

 

Answer:

 

2. Which organization is the implementation example you identified for? Which industry sector (e.g., education, government, etc.) is the organization in? [5 points]

 

Answer:

 

3. What is the purpose of the example policy? Which party (parties) does the policy apply to? Who is/are responsible for implementing this policy? [5 points]

 

Answer:

 

4. As compared to the NIST policy template, how is the example policy customized to fit the needs of the organization? Describe one occurrence of the customization in detail. [5 points]

 

Answer:

 

5. If specified in the example policy, what criteria are defined to verify the organization’s compliance to the policy? If not specified in the example policy, what are your recommendations? [5 points]

 

Answer:

 

6. If specified in the example policy, how frequent is the policy reviewed for potential modifications? If not specified in the example policy, what are your recommendations? [5 points]

 

Answer:

 

 

 

References

 

1.

2.

3.

Related Tags

Academic APA Assignment Business Capstone College Conclusion Course Day Discussion Double Spaced Essay English Finance General Graduate History Information Justify Literature Management Market Masters Math Minimum MLA Nursing Organizational Outline Pages Paper Presentation Questions Questionnaire Reference Response Response School Subject Slides Sources Student Support Times New Roman Title Topics Word Write Writing