The objective of this assignment is to develop a Risk Assessment Report for an organization including
companies and government agencies.
You will conduct the analysis using only public information from the internet, organizational and news
reports, journal articles, etc., and information based on judicious, believable extrapolation of that
information. Consider the organization’s information assets (computing and networking infrastructure),
vulnerabilities, and legitimate threats that can exploit those vulnerabilities.
There is a wealth of business-oriented and technical information that can be used to infer likely
vulnerabilities and assets for an organization. It is recommended that students select their organizations
based at least in part on ease of information gathering, from a public record perspective.
Instructions
(NOTE: You will complete steps 1 and 2 by the end of Week 4 to submit as the Portfolio Project Milestone.)
Select an organization that has sufficient publicly available information to support a reasonable risk
analysis, particularly including threat and vulnerability identification.
Create an organization profile that includes:
Name and location
Management or basic organization structure
Industry and purpose (i.e., the nature of its business)
Financial information, standing in its industry, reputation
Relevant aspects of the company/organization’s computing and network infrastructure
Sample Solution