The ability to develop a risk register is a skill needed by all cybersecurity leaders when assessing cybersecurity risks. A risk register provides a detailed listing of known risks as well as quantitative or qualitative assessments of those risks, resulting in the prioritization of action.
In a 4-page Word document, design an assessment tool that would be used to evaluate and rate human factor risks. Address the following:
- Develop a risk register, and list 10 examples of human factors risks. Be sure to include one black swan event, and rate the risk using a severity of impact and a probability of occurrence scale.
- Provide a narrative explanation of each risk and your rationale for rating it as you did.
Format your paper as follows:
- Cover page (does not count toward the 4-page requirement)
- Risk register (either as a Word table or a table imported from Excel); include the following for each risk:
- List the risk number
- Risk description
- Business impact
- Rating of the severity of impact on a scale of 1–10, with 10 being the most severe
- Probability of occurrence rating on a scale of 1–10, with 10 being the most likely
- Overall risk score
- Mitigation actions
- Risk narratives with a narrative for each risk listed on the risk register; provide the following for each risk:
- A description of the risk
- An explanation of the risk rating
- A description of the mitigation actions