Cyber/Information Risk Management and Governance

1 Background

Stonebridge Consulting Ltd. (SC) works within an intensely competitive market wherein there are a significant number of IT consulting companies fighting for a relatively small share of the market. The company offers services in 3 main areas:

Don't use plagiarized sources. Get Your Custom Essay on
Cyber/Information Risk Management and Governance
Just from $13/Page
Order Essay

a. Cybersecurity, including cybersecurity assessments, programme development and maintenance and education of company executives

b. Security of Assets and People, including comprehensive security evaluations, integrated risk, vulnerability and threat assessments and equipment and technical infrastructure evaluation; and

c. Business Intelligence, including strategic intelligence, enhanced due diligence and world-wide asset tracing.

SC reported a turnover of £3 million in the financial year 2019-2020.

There are 5 departments (Consulting – by far the largest, sales, marketing, HR and IT) each led by a director. These departments are located in two offices in the UK, one in Silverstone and another in Cheltenham. Consulting staff along with Sales are based in Cheltenham. The Silverstone office houses the human resources, finance/purchasing and marketing departments. SC outsources its IT to CyHelm, an IT firm out of West London.

You are the Chief Information Security Officer (CISO) of SC. You report directly to the CIO. You have also been assigned to appoint a new Data Protection Officer, currently interviewing candidates.

The COVID-19 pandemic and the requirement for most organisations to change their modus operandi to remote working has led to a spike of high-profile cyber incidents, resulting in digital services outages which have attracted media attention. SC also has to comply with UK requirement to gain the Cyber Essentials Plus Certification in order to participate in Department of Defence projects. These two issues have led SC’s board of directors to take a highly radical approach to security.

There is now an overwhelming need to assess the risk for these two issues; risks of remote working and risks related to the activities required to be undertaken in order to achieve the Cyber Essential + accreditation. The board has suggested that the company should establish an information risk management strategy, commencing from a thorough risk assessment.

The members of the board have heard that capability maturity models provide holistic, enterprise level risk assessments. The CIO has asked you to review existing capability maturity models and provide a report outlining the model you believe is more applicable to SC while analysing how it should be applied within the company.

Executive Summary:

The report is intended for the consumption of the board members of SC. Thus, an Executive Summary, of no more than 2 pages must be included at the beginning of the Report.

Part A: Review

Capability maturity models for Information or Cyber Security, such as the Cybersecurity Capability Maturity Model[1], are tools for evaluating an organisation’s cyber/information security posture while illustrating organisational progression.

In the first part of the report you are required to provide a literature review of existing capability maturity models (this may include summarising the features of each model, the business areas it addresses and the assessment methodology it uses) and explain which model you recommend should be applied within SC.

Part B: Organisational Risk Landscape

Write a section which:

1. Identifies the risks related to remote working of staff for your corporate environment.

2. Identifies the risks related to the activities required to be undertaken in order to achieve the Cyber Essential Plus certification.

3. Describes the process for the implementation of the model within SC.

4. Explains why the recommended model is suitable to address the risks identified in the previous section.

 

[1] https://www.energy.gov/ceser/activities/cybersecurity-critical-energy-infrastructure/energy-sector-cybersecurity-0

The Homework Labs
Calculate your paper price
Pages (550 words)
Approximate price: -

Our Advantages

Plagiarism Free Papers

We ensure that all our papers are written from scratch. We deliver original plagiarism-free work. To guarantee this, we submit all work alongside a plagiarism report.

Free Revisions

All our papers are completed and submitted before the deadline. We ensure this to provide you with enough time to go through the work and point out any sections or topics that may need revision or polishing. We provide unlimited revision services for free.

Title-page

All papers have a title page providing your personal and institutional information. We do not charge you for this title page.

Bibliography

All papers have a bibliography or references page. This page is a requirement for academic and professional documents. We provide this page at no cost for all our papers.

Originality & Security

At Thehomeworklabs, we guarantee the confidentiality and security of your information. We value our clients and take confidentiality seriously. All personal information is treated with confidentiality and stored safely to ensure that no third parties gain access to it. We also provide original work and attach an originality/plagiarism report alongside all papers.

24/7 Customer Support

Our customer support team is available 24/7 to provide you with any necessary assistance when you need it. You can contact us at any time, day or night, via email or through the live chat button.

Try it now!

Calculate the price of your order

Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

We provide our customers with the best experience in the academic and business writing field.

Pricing

Flexible Pricing

We provide the best quality of service at affordable prices. We also allow our clients to make partial payments for their orders. You can also contact our customer support team in case you need to discuss a different payment plan.

Communication

Admission help & Client-Writer Contact

We realize that sometimes clarification is necessary to ensure that quality work is done. Therefore, we provide a button for clients and writers to communicate in case some clarification is needed.

Deadlines

Paper Submission

We ensure that we submit all papers ahead of their respective deadlines. This allows you to go through the documents and request any revision, corrections, or polishing before the paper is due.

Reviews

Customer Feedback

We encourage customer feedback, positive or negative. We can identify the various areas that we need to improve to provide even better services through your feedback. Please feel free to give us feedback.