Executive Summary On Risk Mitigation Given the information presented in Lesson 1 and the materials from “Assignment: Executive Summary on Risk Analysis,” y

Click here to Order a Custom answer to this Question from our writers. It’s fast and plagiarism-free.

Executive Summary On Risk Mitigation Given the information presented in Lesson 1 and the materials from “Assignment: Executive Summary on Risk Analysis,” your task for this assignment is to:

Identify at least five risks to the IT resources.
Write an executive summary report that describes:

The importance of a security policy
Methodology to implement the policies to mitigate the identified risks

Required ResourcesMaterials from Assignment: Executive Summary on Risk AnalysisSubmission Requirements

Format: Microsoft Word
Font: Arial 10-point size, Double-space
Citation Style: Follow your school’s preferred style guide
Length: 500 words minimum

Evaluation Criteria and Rubric

Incorporate the risk analysis executive summary from Lesson 1
Support the importance of a security policy in the executive summary
Suggest methodology to implement the policies to mitigate the identified risks IT Asset Description


Infrastructure domain

Privacy Data Impact


(Critical, Major- minor)

Quantitative value

Administration Server

Systems/Application Domain




Student’s Server

Systems/Application Domain




Administration Staff and Teacher’s Desktop Computers

Workstation Domain




Principal Notebook Computer

Workstation Domain




Computer Lab Desktops

Workstation Domain




Student’s Laptops

Workstation Domain




Network Access (Wired / Wireless)

Lan – Wan Domain




Users (Students and Staff)

User Domain





Having analyzed the school’s assets, Ashton Symonds, the principal, drafted an asset list that prioritizes each school’s assets based on how much protection each requires. An analysis of risks has the following objectives:

· To protect the schools’ critical assets

· To prepare an asset list and prioritize the assets based on their importance to the function of the school.


A risk analysis of the school’s critical assets, such as servers and network infrastructure was conducted. However, the scope did not include buildings and facilities. The documentation that we leveraged to assist in the risk analysis from the school included;

· Previous risk assessment Report

· Internal controls that were relevant to this assessment


During the risk analysis, the following steps were used to analyze the schools’ system.

· We combined a list of all the resources that were critical to the school and accompanied it with a brief description of its business value to the school

· By using a series of different techniques to test the system, we identified all the vulnerabilities of the critical resources and included a description of the weakness and how this weakness could affect the school and finally, we had the threats categorized.

· A severity and likelihood rating was done on the threats and a final rating was done based on the CIA triad. The confidentiality (Schaefer et al 2018), integrity, and availability needs of each critical resource.

· For every risk that we identified we recommended an action that would bring the risks into an acceptable range of exposure. 

The following assessment was taken,

· The schools’ computers were identified and their business value documented.

· Based on the criticality of the resources the computers were elevated using Confidentiality, Integrity, Availability, and Accountability individual aspects (Livraga & Viviani 2019).

· The most likely and severe risk exposure were identified, and this data used to determine the overall risk exposure

· The ratings on the risk were used to determine recommended safeguards that eventually led to the formation of risking mitigation strategies.


Information exposure by weak authentic that risked the security of the schools’ data. The users should be trained on the importance of security and having secure passwords in place.

Remote access vulnerabilities due to user’s access of data over the internet to the server. there should be malware installed and antivirus installed to ensure safety during the wireless connections.

Unlocked workstations or user machines could lead to the manipulation of data by unauthorized users. Workstations should always be shut down when not in use. Users need to be taught and aware of the importance of data security.

The servers are the most important based on their ability to store the schools’ data, the teachers’ workstations are next as they enable teachers to perform data entry and the rest follow in the order of necessity to everyday use.


Livraga, G., & Viviani, M. (2019, November). Data confidentiality and information credibility in online ecosystems. In Proceedings of the 11th International Conference on Management of Digital EcoSystems (pp. 191-198).

Schaefer, I., Runge, T., Knüppel, A., Cleophas, L., Kourie, D., & Watson, B. W. (2018, November). Towards confidentiality-by-construction. In International Symposium on Leveraging Applications of Formal Methods (pp. 502-515). Springer, Cham.

US Department of Education (ED). (2021, August 25). Family educational rights and Privacy act (ferpa). Home. https://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html.

Place your order now for a similar assignment and have exceptional work written by one of our experts, guaranteeing you an A result.

Need an Essay Written?

This sample is available to anyone. If you want a unique paper order it from one of our professional writers.

Get help with your academic paper right away

Quality & Timely Delivery

Free Editing & Plagiarism Check

Security, Privacy & Confidentiality