Step 12: Write the Risk Assessment Summary Report
Throughout this project, the necessary information has been assembled to provide your boss Maria with a risk assessment so that she may begin developing a long-term risk management strategy. This final step is compiling that information into a cogent “summary report” for presentation to company executives. This report will summarize the Vulnerability and Threat Assessment with the addition of the Risk Assessment just completed.
It is critical to provide recommendations to help the organization implement effective information risk management practices. Use findings in the previous steps to recommend risk management strategies such as least privilege, separation of duties, mandatory vacation, risk management technologies, and others you have found appropriate.
Remember, the recommendations included in the report should address all aspects of the researchâ€”business, economic, and technical reasoning for the conclusions.
Follow these Final Risk Assessment Summary Report requirements while writing the final risk assessment summary.
Final Risk Assessment Summary Report Template
Your CIO, Maria Sosa, has asked you to write a “what if” report outlining risks and responses.
Final Risk Assessment Summary Report (five- to seven-page report using this template: Step 13). This report should include the following components:
- Title Page
- for whom you are preparing the document, the title, the date prepared, and your name as the preparer of the document
- Executive Summary
- the purpose of the report, intended audience, and an explanation of the importance of risk assessment
- relevant external/environmental factors (from Step 6)
- Prioritized Risks and Response Matrix (table from Step 10)
- Recommended Risk Management Strategies and Technologies (one- to two-page narrative, from Step 11)
- a summary of your Prioritized Risks and Response Matrix
- the consideration of relevant compliance issues
- Risk Management Implementation Recommendations (two- to three-page narrative)