Describe common concepts in information security
Exercise 1: Executive Summary on Risk Analysis
Learning Objectives and Outcomes
Describe common concepts in information security, privacy and the law. You will learn how to present and justify risk analysis for assets in an organizational setting and will relate those findings to the basic security principles of confidentiality, integrity, and availability.
Refer to the case scenario that was provided to you in Lab 1. By now, you will have created the comprehensive asset list in order of importance of each asset. For this assignment, you need to create an executive summary that explains your list. This executive summary will be presented to the school’s board of directors.
Much of the information you have analyzed will be technical in nature. First, without creating a full executive summary of the operation, summarize your findings in a simple bullet-point list. Then, assign a quantitative value to each asset by examining its numerical, measurable characteristics such as original cost, cost of replacement, loss of teaching skills or created information, school image and reputation.
This will allow you to organize your priorities, and be able to use that information to prepare a full executive summary for presentation to the school’s board of directors.
Submit your answer in a Microsoft Word document in not more than 300 words.
Font: Arial 10 point size
Line Spacing: Double