Select five vulnerabilities and align associated risks to a risk management framework, such as NIST SP 800-37. Include the following:

  • Consider the potential vulnerabilities or threats facing the organization. 
  • Describe of the risk each vulnerability or threat would have on the organization in terms of its people, network, data, or reputation. 
  • Explain each risk’s impact on the organization. 
  • Provide a defined mitigation for each vulnerability, such as an incident response plan, disaster recovery plan, or business continuity plan. Give a defined reason why a vulnerability or threat would not be mitigated, such as the use of a different risk control strategy, if appropriate.

Leave a Comment

Your email address will not be published. Required fields are marked *