Risk Management Strategy for an e-Commerce Company schoolwork
Assignment ID Number AFFGEHU83939HD Type of Document Essay Writing Format APA/MLA/Harvard Academic Level Masters/University References/Sources 4 References
Risk Management Strategy for an e-Commerce Company schoolwork
Project 3 –Risk Management Strategy for an e-Commerce Company
For this project, you will build upon the e-Commerce Risk Analysis performed in Project #2. For this project, you will construct a risk management strategy for your selected company which includes specific cybersecurity activities (as defined in the NIST Cybersecurity Framework Core) which will help the company mitigate the identified risks. Your strategy will include an “acquisition forecast” in which you identify and discuss the technologies, products, and services required to implement your recommended risk management strategy. (Note: you must use the same company as used in Project #2. You may expand upon your risk analysis if necessary.)
Develop an Executive Summary
Since this is a separate deliverable, you will need to begin by identifying the selected company and providing an executive summary of the e-Commerce Risk Analysis that you presented in Project #2.
Develop and Document the Risk Mitigation Strategy
For this section of your project, you must identify and document a risk mitigation strategy for 10 separate risks. Your risk mitigation strategies must utilize at least three (3) of the five (5) NIST Cybersecurity Framework (CSF) Core Functions.
- Begin by copying Table 1 from this file into a new file (for your assignment submission). This table will become your Risk Profile Table. (Delete the example text.)
- Next, convert your list of risk factors (from Project #2) into a “Risk Profile” Each risk factor should be listed as a separate risk item with its own row in your Risk Profile. (Add a row to your table for each identified risk – one per row). For this step, you will fill in the information for the first two columns (Risk ID and Risk).
- Next, consult the NIST Cybersecurity Framework (see Table 2: Framework Core) to identify the cybersecurity activities which can be used to control / mitigate the identified risks. Add this information to each row in your table. Note: you should paraphrase the information for the “Risk Mitigation Strategy (description)” column and the “Implementation: Required Technologies, Products, or Services” column.
- Complete the final two columns of the table by entering the exact function, category, and sub-category identifiers and descriptions as listed in NIST CSF Table 2. See the example below.
CSIA 350: Cybersecurity in Business & Industry
Copyright © 2019 by University of Maryland University College. All rights reserved.
Table 1. Risk Profile Table (example)
Risk ID Risk Risk Mitigation Strategy (description) Implementation: Required Technologies, Products, or Services NIST Cybersecurity Framework Category and Sub Category Identifier (e.g. ID.AM-1) Sub-Category Description 001 Theft of customer information from online transactions Encrypt all communications between customers and the company’s online ordering system. Implement Transport Layer Security; purchase and deploy digital certificates to use for encrypting communications. PR.DS-2 Data-in-transit is protected. 002 003 004 005 006 007 008 009 010
Develop an “Acquisition Forecast”
To complete your work, summarize the technologies which you are recommending that the company acquire (purchase) in order to mitigate risks; these technologies MUST appear in your risk profile table. Your acquisition forecast should identify and fully discuss a minimum of three categories or types of cybersecurity products or services which this company will need to purchase in order to appropriately mitigate the identified risks. Remember to include information about potential vendors or suppliers including how you can identify and qualify appropriate sources of technologies, products, and services. This information provides the justification or rationale for your recommendations.
Note: “qualifying” a producer / manufacturer, vendor or seller refers to the due diligence processes required to investigate the supplier and ensure that the products, services, and technologies acquired from it will meet the company’s needs and requirements. For cybersecurity related acquisitions, this many include testing the products and services to ensure that they can be trusted to deliver the required functionality and will not be a source of threats or harm.
- An executive summary which identifies the company being discussed and provides a brief introduction to the company including when it was founded and significant events in its history. This summary must also provide a high level overview of the company’s operations (reuse and adapt your narrative from Project #2) and the e-Commerce risks that the company must address and mitigate.
- A separate section in which you present a Risk Management Profile. Begin with an introductory paragraph in which you summarize the risks and risk mitigation strategies. Your introduction should also explain the Risk Profile table (what is in it, how to use it).
- Complete and then insert your Risk Profile Table at the end of this Risk Management Profile section. In-text citations are NOT required within the body of your Risk Profile Table but you must credit the sources of information used by listing / mentioning them in your introduction to this section.
- A separate section in which you present your “Acquisition Forecast” in which you identify and discuss the products, services, and/or technologies which the company must purchase in the future to implement the recommended risk mitigation strategies. Remember to include information about potential vendors or suppliers including how you can identify and qualify appropriate sources of technologies, products, and services.
- A closing section (Summary & Conclusions) which summarizes your risk management strategy and presents a compelling argument as to how your risk mitigation strategies (including the acquisition forecast) will reduce or control (mitigate) the identified “cyber” risks. Remember to address the five NIST Cybersecurity Framework Core Functions in your summation.
Submit for Grading
Submit your work in MS Word format (.docx or .doc file) using the Project #3 Assignment in your assignment folder. (Attach the file.)
- Your 5-8 page Risk Management Strategy for an e-Commerce Company should be professional in appearance with consistent use of fonts, font sizes, margins, etc. You should use headings to organize your paper. The CSIA program recommends that you follow standard APA formatting since this will give you a document that meets the “professional appearance” requirements. APA formatting guidelines and examples are found under Course Resources > APA Resources. An APA template file (MS Word format) has also been provided for your use CSIA_Basic_Paper_Template(APA_6ed,DEC2018).docx.
- Your paper should use standard terms and definitions for cybersecurity. See Course Content > Cybersecurity Concepts for recommended resources.
- You must include a cover page with the assignment title, your name, and the due date. Your reference list must be on a separate page at the end of your file. These pages do not count towards the assignment’s minimum page count. (An example and template file are available in the LEO classroom.
- You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.
- You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must follow a consistent citation style (APA, MLA, etc.). See direction under “Write” for how to cite sources used in your Risk Profile Table.
- Consult the grading rubric for specific content and formatting requirements for this assignment.
QUALITY OF RESPONSE NO RESPONSE POOR / UNSATISFACTORY SATISFACTORY GOOD EXCELLENT Content (worth a maximum of 50% of the total points) Zero points: Student failed to submit the final paper. 20 points out of 50: The essay illustrates poor understanding of the relevant material by failing to address or incorrectly addressing the relevant content; failing to identify or inaccurately explaining/defining key concepts/ideas; ignoring or incorrectly explaining key points/claims and the reasoning behind them; and/or incorrectly or inappropriately using terminology; and elements of the response are lacking. 30 points out of 50: The essay illustrates a rudimentary understanding of the relevant material by mentioning but not full explaining the relevant content; identifying some of the key concepts/ideas though failing to fully or accurately explain many of them; using terminology, though sometimes inaccurately or inappropriately; and/or incorporating some key claims/points but failing to explain the reasoning behind them or doing so inaccurately. Elements of the required response may also be lacking. 40 points out of 50: The essay illustrates solid understanding of the relevant material by correctly addressing most of the relevant content; identifying and explaining most of the key concepts/ideas; using correct terminology; explaining the reasoning behind most of the key points/claims; and/or where necessary or useful, substantiating some points with accurate examples. The answer is complete. 50 points: The essay illustrates exemplary understanding of the relevant material by thoroughly and correctly addressing the relevant content; identifying and explaining all of the key concepts/ideas; using correct terminology explaining the reasoning behind key points/claims and substantiating, as necessary/useful, points with several accurate and illuminating examples. No aspects of the required answer are missing. Use of Sources (worth a maximum of 20% of the total points). Zero points: Student failed to include citations and/or references. Or the student failed to submit a final paper. 5 out 20 points: Sources are seldom cited to support statements and/or format of citations are not recognizable as APA 6th Edition format. There are major errors in the formation of the references and citations. And/or there is a major reliance on highly questionable. The Student fails to provide an adequate synthesis of research collected for the paper. 10 out 20 points: References to scholarly sources are occasionally given; many statements seem unsubstantiated. Frequent errors in APA 6th Edition format, leaving the reader confused about the source of the information. There are significant errors of the formation in the references and citations. And/or there is a significant use of highly questionable sources. 15 out 20 points: Credible Scholarly sources are used effectively support claims and are, for the most part, clear and fairly represented. APA 6th Edition is used with only a few minor errors. There are minor errors in reference and/or citations. And/or there is some use of questionable sources. 20 points: Credible scholarly sources are used to give compelling evidence to support claims and are clearly and fairly represented. APA 6th Edition format is used accurately and consistently. The student uses above the maximum required references in the development of the assignment. Grammar (worth maximum of 20% of total points) Zero points: Student failed to submit the final paper. 5 points out of 20: The paper does not communicate ideas/points clearly due to inappropriate use of terminology and vague language; thoughts and sentences are disjointed or incomprehensible; organization lacking; and/or numerous grammatical, spelling/punctuation errors 10 points out 20: The paper is often unclear and difficult to follow due to some inappropriate terminology and/or vague language; ideas may be fragmented, wandering and/or repetitive; poor organization; and/or some grammatical, spelling, punctuation errors 15 points out of 20: The paper is mostly clear as a result of appropriate use of terminology and minimal vagueness; no tangents and no repetition; fairly good organization; almost perfect grammar, spelling, punctuation, and word usage. 20 points: The paper is clear, concise, and a pleasure to read as a result of appropriate and precise use of terminology; total coherence of thoughts and presentation and logical organization; and the essay is error free. Structure of the Paper (worth 10% of total points) Zero points: Student failed to submit the final paper. 3 points out of 10: Student needs to develop better formatting skills. The paper omits significant structural elements required for and APA 6th edition paper. Formatting of the paper has major flaws. The paper does not conform to APA 6th edition requirements whatsoever. 5 points out of 10: Appearance of final paper demonstrates the student’s limited ability to format the paper. There are significant errors in formatting and/or the total omission of major components of an APA 6th edition paper. They can include the omission of the cover page, abstract, and page numbers. Additionally the page has major formatting issues with spacing or paragraph formation. Font size might not conform to size requirements. The student also significantly writes too large or too short of and paper 7 points out of 10: Research paper presents an above-average use of formatting skills. The paper has slight errors within the paper. This can include small errors or omissions with the cover page, abstract, page number, and headers. There could be also slight formatting issues with the document spacing or the font Additionally the paper might slightly exceed or undershoot the specific number of required written pages for the assignment. 10 points: Student provides a high-caliber, formatted paper. This includes an APA 6th edition cover page, abstract, page number, headers and is double spaced in 12’ Times Roman Font. Additionally, the paper conforms to the specific number of required written pages and neither goes over or under the specified length of the paper.
GET THIS PROJECT NOW BY CLICKING ON THIS LINK TO PLACE THE ORDER
Do You Have Any Other Essay/Assignment/Class Project/Homework Related to this? Click Here Now [CLICK ME]and Have It Done by Our PhD Qualified Writers!!
Tired of getting an average grade in all your school assignments, projects, essays, and homework? Try us today for all your academic schoolwork needs. We are among the most trusted and recognized professional writing services in the market.
We provide unique, original and plagiarism-free high quality academic, homework, assignments and essay submissions for all our clients. At our company, we capitalize on producing A+ Grades for all our clients and also ensure that you have smooth academic progress in all your school term and semesters.
High-quality academic submissions, A 100% plagiarism-free submission, Meet even the most urgent deadlines, Provide our services to you at the most competitive rates in the market, Give you free revisions until you meet your desired grades and Provide you with 24/7 customer support service via calls or live chats.