University of the Potomac Cyber Security WBYT Risks Assessment Plan Paper

Create an assessment plan to determine supplier risks for the project outlined in Appendix A. Specifically, describe the form of the assessment model against which risk will be assessed. Create a protection profile to ensure that the busi- ness unit meets its security objectives. Create a detailed process to identify and assess risks against the protection profile.
To help this process, create a generic checklist that displays the requirements of the protection profile within the practice areas of the SSE-CMM. Use the pro- file to identify the likelihood and consequence of each potential risk in the case, and then provide a capability estimate. Your goal is to itemize all the gaps you identify by comparing required practices to the current processes at WBYT.
Develop a plan to ensure that the organization reaches Level Three (Managed). Your plan can use the what versus how level of specification. However, you need to specify secure system engineering practices and define general management approaches for each level of specification. The final outcome of this project should be a clear plan based on objective assessment data that advances WBYT from an undefined level of practice to a proper level of management.