RESPOND TO THESE DISCUSSION POST BASED ON THE TOPIC “First, review the National Institute of Standards and Technology Guide for Conducting Risk Assessments (NIST 800-30), paying particular attention to Chapter 3: The Process.
Then, in your initial post, share the parts of the report you found interesting and explain how you could apply them in solving real-world problems. In addition, discuss any parts of the reading where you had challenges in understanding their application. Finally, highlight part of the document you feel could be useful in completing your final project.
As this document is an important industry standard, take this opportunity to examine it as a group of peers and help each other in understanding its significance and utility.”
In response to your peers, share any insights you had that might help your peers overcome any challenges they had with the document, explaining how you overcame the same or similar problems. (TWO (2) PARAGRAPHS EACH WITH REFERENCES ON EACH OF THEM SEPARATELY, NOT TOGETHER)
APA reminders – In your Discussions and Assignments –
* Use less than 10% direct quotes
* Quotes over 40 words not allowed in this classes (by exception only ahead of time)
* Every quote needs a specific page or paragraph number
* Ideas and concepts from articles on websites need to be re-written in your own thoughts, vocabulary, and ideas and not simply paraphrased.
1XvrCrz VNIST Guidance
In section 3.2, one gets to the meat and potatoes of the risk assessment: actually conducting it. This part of the risk assessment process is all about identifying threat sources and determining the risk if one of these threats were to cause an event. Will this event cause a large impact? How likely is this threat to occur? All important aspects of conducting the risk assessment that should be taken into account when completing a risk assessment at a real company. This is the whole point.
Table D-2 shows the “Taxonomy of Threat Sources”. These are all the big hitters of what the risk assessment should be preparing and protecting a company from. It’s extremely useful especially for a company who is just starting out and does not know all of the potential scenarios they should be prepared for. My only gripe here is the “characteristics” section. Citing a “Range of Effects” for all but the ADVERSARIAL type is a bit of a cop out considering the verboseness of the rest of the document.
The entire document and especially chapter 3 will be useful in the final project consider it speaks specifically to preparing, conducting, and maintain the risk assessment. The step by step guide is useful in this sense. One could follow chapter three explaining each bullet in specific reference to their company/final project to get a feel for the current standing.
This guide is a very helpful when looking at how to tackle risk assessments. Often, organizations struggle on where to even begin when building a risk assessment program. This guide is really designed to give the framework and what is needed in order to start performing risk assessments. Chapter 3 in particular really looks at actually conducting the risk assessment.
I found this whole chapter interesting because it clearly defines what needs to be done to conduct the risk assessment, such as identifying threat sources and threat events. This can really be utilized to solve the real-world problem of where to begin and how to actually perform risk assessments. I know first-hand that this document is used in the real-world. Not only has my current organization utilized this guide and referenced this guide while performing our own risk assessment but this guide is one that you need to know if you plan on getting your CISSP certificate.
This entire document will come in handy for the final project because part of the project centers around the need to perform a risk assessment. Identifying threat sources and threat events are extremely important for all organizations to due in order to close up vulnerabilities and these guide shows you how to identify those sources and events.
PLEASE READ THIS.IT IS VERY IMPORTANT
Allow your discussion posts to be detailed and capable of sharing knowledge, ideas and points. You must discuss the topic using your own words first. Using your own words indicate you understand the topic of discussions. Secondly, you must cite your sources in-text. This is necessary to justify your points. Sources from several sources showed good research abilities. Lastly, you must provide references at the bottom of your post. A discussion post without justification with sources does not show proper research abilities. A terse and not detailed discussions represent post that would not provide enough sharing of knowledge or proper understanding of the topic. DO NOT just copy and paste a sentence from online with citation at the end as your own discussion. I have not asked for definitions, I asked for discussions and will not buy this. You must show understanding of the discussion topic by using your own words to describe the topic and then justify that with sources.
www.citationmachine.net to format references into the APA style if necessary. Extremely important. Intext citations is very essential and highly needed as well.
use double spacing, 12-point Times New Roman font, and one-inch margins. Sources should be cited according to APA citation method (citation should be relevant and current). Page-length requirements:2 PAPARAGRAPHS FOR EACH PROMPT ANSWER. Make sure you cite if you take a piece of someone’s work, very important and your reference should relate to your writing (don’t cite a reference because it relates to the course and not this very paper) at least 2 current and relevant academic references. No heavy paraphrasing of others work.