PLEASE I AM SUBMITTING THIS ASSIGNMENT ON TURNTIN

For this paper, you will construct a cyber-security risk profile for the company that you wrote about in Part 1 of the Corporate Profile project. Your risk profile, which includes an Executive Summary, Risk Register, and Risk Mitigation Recommendations (Approach & Security Controls by family), will be developed from information provided by the company in its Form 10-K filing (Annual Report to Investors) retrieved from the U.S. Securities and Exchange Commission (SEC) Edgar database.  You will also need to do additional research to identify security controls, products, and services which could be included in the company’s risk response (actions it will take to manage cybersecurity related risk).

Research

• Review the Risk section of the company’s SEC Form 10-K. Develop a list of 5 or more specific cyberspace or cybersecurity related risks which the company included in its report to investors. Your list should include the source(s) of the risks and the potential impacts as identified by the company.
• For each risk, identify the risk management or mitigation strategies which the company has implemented or plans to implement.
• Next, use the control families listed in the NIST Special Publication 800-53 http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf to identify general categories of controls which could be used or added to the company’s risk management strategy for each risk in your list.
• For each control family, develop a description of how the company should implement these controls (“implementation approach”) as part of its risk management strategy.

Attachments:

• 1515071619-CSIA 350 Corporate Profile Part 2 - Detailed.docx