Computers and Technology, 07.09.2020 01:01 mcccreamullinsr
After the productive team meeting, Fullsoft’s chief technology officer (CTO) wants further analysis performed and a high-level plan created to mitigate future risks, threats, and vulnerabilities. As part of this request, you and your team members will create a plan for performing a gap analysis, and then research and select an appropriate risk assessment methodology to be used for future reviews of the Fullsoft IT environment.
An IT gap analysis may be a formal investigation or an informal survey of an organization's overall IT security. The first step of a gap analysis is to compose clear objectives and goals concerning an organization's IT security. For each objective or goal, the person performing the analysis must gather information about the environment, determine the present status, and identify what must be changed to achieve goals. The analysis most often reveals gaps in security between "where you are" and "where you want to be."
Two popular risk assessment methodologies are NIST SP 800-30 revision 1, Guide for Conducting Risk Assessments, and Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE). Your focus will be on the OCTAVE Allegro version, which is a more concise version of OCTAVE. When reviewing the methodologies, consider the following:
Which features or factors of each methodology are most important and relevant to Fullsoft?
Which methodology is easier to follow?
Which methodology appears to require fewer resources, such as time and staff, but still provides for a thorough assessment?
Tasks
Create a high-level plan to perform a gap analysis.
Review the following two risk assessment methodologies:
NIST SP 800-30 rev. 1, Guide for Conducting Risk Assessments (formerly titled " Risk Management Guide for Information Technology Systems")
Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE), Allegro version
Create a report that includes the gap analysis plan, a brief description of each risk assessment methodology, a recommendation for which methodology Fullsoft should follow, and justification for your choice.
Self-Assessment Checklist
I created a plan for performing a gap analysis of the IT environment.
I evaluated and selected a risk assessment methodology.
I summarized each methodology, recommended which methodology Fullsoft should follow, and provided justification for my choice.
I conducted adequate independent research for this part of the project.
I followed the submission guidelines.
Answers: 3
Another question on Computers and Technology
Computers and Technology, 22.06.2019 06:30
What result from the passage of this amendment
Answers: 1
Computers and Technology, 22.06.2019 19:30
Singing in the rain: this first part of the film shows the early history of motion picture. how accurate do you think the portrayal of the early motion picture industry is? why? is historical accuracy important in films and theater productions? explain.
Answers: 1
Computers and Technology, 23.06.2019 22:30
The output voltage of a power supply is assumed to be normally distributed. sixteen observations are taken at random on voltage are as follows: 10.35, 9.30, 10.00, 9.96, 11.65, 12.00, 11.25, 9.58, 11.54, 9.95, 10.28, 8.37, 10.44, 9.25, 9.38, and 10.85
Answers: 1
Computers and Technology, 24.06.2019 17:30
When you type january in a cell, then copy it using the fill handle to the cells below and the data automatically changes to february, march, april, and so on, what is this feature called? auto fill automaticcopy monthfill textfill
Answers: 1
You know the right answer?
After the productive team meeting, Fullsoft’s chief technology officer (CTO) wants further analysis...
Questions
Mathematics, 20.08.2020 21:01
English, 20.08.2020 21:01
Mathematics, 20.08.2020 21:01
Mathematics, 20.08.2020 21:01
Social Studies, 20.08.2020 21:01
Advanced Placement (AP), 20.08.2020 21:01
French, 20.08.2020 21:01
Computers and Technology, 20.08.2020 21:01
