CLA #2 Information Security Risk Assessment & ERM
In no more than 500 words maximum (i.e., 1 to 1.5 page/s), briefly address all three of the following tasks and activities below.
Task A. Review the following three statements related to risk appetite.
NOTE: Have a look a PDF file on section 3.2
WEBSITE: https://www.rba.gov.au/about-rba/our-policies/risk-management-policy.html (on section 1.3)
NOTE: Have a look a PDF file
Task, Evaluate the relative strengths of each, explaining which you like best and why (6 marks)
Task B. Review the University of Melbourne Cybersecurity mission statement.
The 100-word statement was presented in the Module 3 lecture as a good starting model/example for developing a high-level Cybersecurity mission statement for Trusted Health Clinic.
WEBSITE: https://www.unimelb.edu.au/cybersecurity/about/mission
The statement indicates the University’s appetite for risk in the sentence:
As a key centre for innovation within our community, the University pushes the boundaries of conventional use of technology,
but we do so with a focus on protecting our systems and information.
Task: Thinking about what you learnt in task A above, briefly describe how you would improve this high-level statement, while ensuring that Uni Melb (should they follow your advice) could maintain a mission statement that does not exceed 250 words (2 marks)
i.e., a mission statement that briefly describes the overarching cybersecurity purpose, how that fits with the value creating activities of the organisation and expresses risk appetite and tolerance briefly at a high strategic level for the organisation overall.
Task C. Prepare your “first blush” draft of a Cybersecurity Mission statement for Trusted Health Clinic.
Based on what you have learnt in preparing responses for task A & B above prepare a first draft Cybersecurity mission statement for The Trusted Health Clinic that includes your all the elements described for a mission statement above.
Task: Draft THC Cybersecurity statement review (2 marks)