Assign : | Computer Science

Guidancetofollow.docx Guidance to follow I encourage you to build your project format following the requirements established in each project's final step. I am going to give you the key to success. I am a fan of headings/subheadings in the final project that directly reflect the defined requirements. You should format all your submissions in this manner. Doing so makes it easy for me to see that you are addressing the criteria specified in that assignment. It leaves less room for me to make my interpretation since you will make it clear that you have addressed the rubrics of the assignment.  This will also keep you on track to success by preventing scope creep. There is no space to add unnecessary material. I look for executive writing at the graduate level, which directly translates to being clear and concise.  Be aware that steps must be consolidated/coordinated in the final submission, not just cut and pasted together. So... I recommend showing me the direct relation between your material and what is being graded ‐ use formatting (headings/subheadings/appendices) to establish the correlation. I strongly encourage you to complete your profiles as asked in an earlier post. This is the first window to build relationships amongst your peers in the course. Additional Guidance Posted Aug 13, 2025 9:29 AM I encorage the use of Appeciecesin your papers.  They can be used to keep the main content clear and concise while adding the detailed background information needed to inform the main content.  Here are tips to be successful in their use. 1. If there is a page requirement for X pages.  The main content should be no more, no less.  Caveat: I only count between the first letter in the Introduction to the last letter in the Conclusion (what I call the main content of the paper). 2. Appendices should be placed after the references section and each Appendix should begin on its own page.  Titled as Appendix A, B, C, etc. 3. The full document must be formatted in APA, even Appendices. 4. Appendices should include more than a table or figure.  There should be paragraphed context in each Appendix to support the table or figure.  They are best presented as if I can pull a single appendix out and understand it as a stand-alone document. 5. Paragraphs should be ~5 sentences. Unit2AssignmentDirections.docx Unit 2 Assignment Directions: Risk-Assessment Strategy Purpose In this assignment, you will detail the risk-assessment plan and strategy for your organization that you described in your discussion post. You have demonstrated that you understand their core business functions and mission. Your risk assessment should be tailored to that understanding. If you implement the risk-management controls recommended by NIST, another standards body, or a trade association for your industry, you will be demonstrating compliance with government requirements. This means that if there is a breach, your legal office can provide a written justification that maps your compliance to your direct business services. This will also support any insurance claims and help to maintain your business reputation. Directions Write a detailed overview and analysis of the fundamentals of risk management in cybersecurity for your organization that you described in your discussion post. You may choose one of the following two options for formatting your response (see details below): · Option A: A 4- to 6-page paper  OR · Option B: A matrix (sample provided below) and a 2- to 3-page narrative Regardless of which format you choose, be sure to address all the following elements: 1. Write a substantive executive summary that includes the following: a. A brief statement on the purpose and scope of the RA b. Your focus on the current organizational assessment c. Your risk-mitigation and management strategy d. Cited references to authorities that show the organization’s compliance with government requirements, industry best practices (NIST), or other standards 2. Assess the cybersecurity posture of your chosen organization. Be sure to include the following: a. Describe your organization's business goals, mission, objectives, and how the requirements would support them. b. Use the implementation tiers in NIST to assess your organization’s current situation. c. List vulnerabilities, countermeasures, and recommendations for improvement. 3. Apply the NIST RMF framework: a. Explain in more detail how to use NIST 800-53 (rev.5), NIST 800-30, and the new NIST 2.0 to create a comprehensive strategy. b. Explain what actions you would take to align your business strategy with the recommended NIST best practices. c. Clearly map the business objectives and goals to a cybersecurity plan. Include all the following key measures: i. Prepare the organization. ii. Categorize system and information. iii. Select a range of 4–6 NIST SP 800-53 controls. iv. Implement the controls and document how controls were deployed. v. Assess whether the controls are in place, operating as intended, and producing the desired outcomes. vi. Authorize risk-based decision-making. vii. Continuously monitor implementation and risks to the system. 4. Evidence of skills: Demonstrate your knowledge of risk-assessment protocols as well as legal and regulatory compliance. 5. Write the paper with an organized, logical flow of information. Cite authoritative sources sufficiently to show that your analysis is based on the resources provided or other documents you find through your research. Please use a consistent citation style. Executive Summary Features Here are some ideas for what to include in your executive summary. A CEO should be able to use your summary for decision-making purposes. An executive summary includes a brief statement of the issue, which helps the executive understand the topic (risk mitigation and management). As stated in the directions, cite the authorities you are using to show compliance with government requirements, industry best practices (e.g., NIST), or other standards. To analyze the importance of these requirements and best practices, one approach would be to follow the suggestions below. Explain briefly how the templates and their rationale provide assurances to the CEO that these requirements reduce the organization’s cybersecurity risk. One way to do this is to cite a specific requirement as an example and explain how it is applied. Then you may also want to talk briefly about a technological solution you are using to assist you in this effort. You can then list some of the vulnerabilities your organization has in the system and explain how you will address them, Finally, you could discuss how you will make sure that you are ensuring compliance (e.g., continuous monitoring, establishing a training program that requires quarterly testing, or some other methods that demonstrate active participation). To remind yourself how to cite references, visit the Library’s  APA Document Formatting (7th Edition) and  APA 7th Edition Citation Examples. Format Click the "+" to expand each section below. Suggested Outline for Option A: Paper Suggested Outline for Option B: Narrative and Matrix Submission · Review the Unit 2 Risk-Assessment Strategy Rubric to understand how you will be assessed on this assignment. image4.png image5.png image6.png image7.png image8.png image1.png image2.png image3.png