Assessment Description It is important to understand how to assess risk, in order to prepare for and defend against potential cyberattacks. Prepare a risk assessment to be delivered to the CISO or e
CYB-610 Benchmark – Risk Assessment Scoring Guide Performance Level Ratings Meets Expectations Performance consistently met expectations in all essential areas of the assignment criteria, at times possibly exceeding expectations, and the quality of work overall was very good. The most critical goals were met. Near Expectations Performance did not consistently meet expectations. Performance failed to meet expectations in one or more essential areas of the assignment, one or more of the most critical goals were not met. Below Expectations Performance was consistently below expectations in most essential areas of the assignment, reasonable progress toward critical goals was not made. Significant improvement is needed in one or more important areas. Criteria Below Expectations Near Expectations Meets Expectations Earned Benchmark 1.3: Conduct risk assessments and evaluate vulnerabilities, threats, and gaps in an organization’s infrastructure to identify appropriate security measures to reduce risks’ impact to business processes. The student comprehensively evaluates vulnerabilities, threats, and gaps in an organization’s infrastructure to identify appropriate security measures to reduce the risk’s impact to business processes with supporting details and examples. 0 pts – 6 pts 7 pts – 9 pts 10 pts The student comprehensively evaluates the implications as it applies to small and medium-sized business (SMB) data protection for intellectual property. 0 pts – 6 pts 7 pts – 9 pts 10 pts The student appropriately presents business strategies to ensure business sustainability, availability, and reliability. 0 pts – 6 pts 7 pts – 9 pts 10 pts The student effectively interprets assessments and current cybersecurity trends to plan for future challenges. 0 pts – 6 pts 7 pts – 9 pts 10 pts The student develops the assessment report. The documentation includes the following report elements: Overview System Overview Assessment Methodology Security Assessment Results Non-Conforming Controls Authorization Recommendations Appropriate Screenshots 0 pts – 2 pts 3 pts – 4 pts 5 pts Industry standard technical writing is correct and utilized throughout. 0 pts – 2 pts 3 pts – 4 pts 5 pts TOTAL /50 Instructor Feedback © 2018. Grand Canyon University. All Rights Reserved.
Assessment Description It is important to understand how to assess risk, in order to prepare for and defend against potential cyberattacks. Prepare a risk assessment to be delivered to the CISO or e
CYB-610 Security Assessment Report Template System Assessment Report For: {System Name} Version: Date: Prepared By: Overview Purpose Scope Applicable Laws and Regulations The following laws and regulations are applicable: Applicable Standards and Guidance The following standards and guidance are applicable to the organization: System Overview System Name General System Description and Purpose Security Categorization Assessment Methodology Performed Tests Identification of Vulnerabilities Consideration of Threats Performed Risk Analysis Document Results This section should include any relevant screenshots. Security Assessment Results Non-Conforming Controls Authorization Recommendations © 2018. Grand Canyon University. All Rights Reserved.