Security Threat Assessment Report: This is an individual assignment

in the form of a business report.

Using the organisation you documented in Continuous Assessment 1,

write a report summarising common threats and vulnerabilities relevant
to the organisation, with justified, recommended controls for one of the
most urgent threats.

You may use published information regarding threats and vulnerabilities

as can be found from security vendors, such as:

 SophosLabs Threat Report

 CrowdStrike Global Threat Report
 Verizon Data Breach Investigations Report
You may also research and use other threat reports and these should be
clearly referenced within the report.

The report must include a detailed evaluation of compensating controls

that can be used by the organisation to mitigate against one of the most
urgent threats.  The selection of the threat must also include justification
for why it is considered an urgent threat to the organisation.

The outcome from your evaluation of the controls should be summarised

in a clear set of recommendations for improving the organisation’s control
environment and the ability to prevent, detect, respond to and recover
from the threat which you have selected.

The report should be written in professional business language, aimed at

the (non-technical) senior leadership/executive team of your organisation
and include the following sections:

 Executive Summary
 Organisational Background (from Continuous Assessment 1)
 Threats and Vulnerabilities
 Key Threat
 Compensating Controls
 Recommendations
Your report should be 3,000 words (+/-10%) in length. You will need to
concentrate on delivering a concise report while ensuring that all relevant
topics are covered with consideration of the intended audience.

All references must be cited in-text and included in a reference list using
the UniSA Harvard referencing style.
Security Threat Assessment Report: This is an individual assignment
in the form of a business report.

Using the organisation you documented in Continuous Assessment 1,

write a report summarising common threats and vulnerabilities relevant
to the organisation, with justified, recommended controls for one of the
most urgent threats.

You may use published information regarding threats and vulnerabilities

as can be found from security vendors, such as:

 SophosLabs Threat Report

 CrowdStrike Global Threat Report
 Verizon Data Breach Investigations Report
You may also research and use other threat reports and these should be
clearly referenced within the report.

The report must include a detailed evaluation of compensating controls

that can be used by the organisation to mitigate against one of the most
urgent threats.  The selection of the threat must also include justification
for why it is considered an urgent threat to the organisation.

The outcome from your evaluation of the controls should be summarised

in a clear set of recommendations for improving the organisation’s control
environment and the ability to prevent, detect, respond to and recover
from the threat which you have selected.

The report should be written in professional business language, aimed at

the (non-technical) senior leadership/executive team of your organisation
and include the following sections:

 Executive Summary
 Organisational Background (from Continuous Assessment 1)
 Threats and Vulnerabilities
 Key Threat
 Compensating Controls
 Recommendations
Your report should be 3,000 words (+/-10%) in length. You will need to
concentrate on delivering a concise report while ensuring that all relevant
topics are covered with consideration of the intended audience.

All references must be cited in-text and included in a reference list using
the UniSA Harvard referencing style.