Resourcesitil Supplier Management Acquisitionpro

Resourcesitil Supplier Management Acquisitionpro

Industry Risk Profile Part 1: Acquisition & Procurement Risk in the Cybersecurity Industry

For this paper, you will investigate and then summarize key aspects of risk and risk management for acquisitions or procurements of cybersecurity products and services. The specific questions that your industry profile will address are:

  • What types of risks or vulnerabilities could be transferred from a supplier and/or imposed upon a purchaser of cybersecurity related products and/or services?
  • Are suppliers liable for harm or loss incurred by purchasers of cybersecurity products and services? (That is, does the risk transfer from seller to buyer?)
  • How can governance frameworks be used by both suppliers and purchasers of cybersecurity related products and services to mitigate risks?

First, you will research how operational risk during the manufacturing, development, or service delivery processes can affect the security posture (integrity) of products and services. You will then explore the problem of product liability and/or risk transference from supplier to purchaser as products or services are delivered, installed, and used. You will then examine the role that IT governance frameworks and standards can play in helping purchasers develop and implement risk mitigation strategies to compensate for potential risk transfer by suppliers. Once you have completed your research and analysis, you will summarize your research in a risk profile.

Research

Write

  • An introduction section which provides a brief overview of the cybersecurity industry as a whole. Why does this industry exist? (Hint: buyers want to procure or acquire cybersecurity related products and services). How does this industry benefit society? Address the sources of demand for cybersecurity products and services. (You may reuse resources and/or narrative from your Case Study #3 assignment.)
  • An operational risks overview section in which you provide an overview of sources of operational risks which could affect suppliers of cybersecurity related products and services and, potentially, compromise the security of those products or services. Discuss the potential impact of such compromises upon buyers and the security of their organizations (risk transfer).
  • A product liability section in which you provide a summary of the current legal environment as it pertains to product liability in the cybersecurity industry. Discuss the potential impact upon buyers who suffer harm or loss as a result of purchasing, installing, and/or using cybersecurity products or services.
  • A governance frameworks & standards section in which you discuss the role that standards and governance processes should play in ensuring that acquisitions or purchases of cybersecurity products and services meet the buyer’s organization’s security requirements (risk mitigation).
  • A summary and conclusions section in which you present a summary of your findings including the reasons why product liability (risk transfer) is a problem that must be addressed by both suppliers and purchasers of cybersecurity related products and services.

Submit For Grading

Submit your risk profile paper in MS Word format (.docx or .doc file) using the Industry Risk Profile Part 1 Assignment in your assignment folder. (Attach the file.)

Additional Information

  • Consult the grading rubric for specific content and formatting requirements for this assignment.
  • Your 5-8 page paper should be professional in appearance with consistent use of fonts, font sizes, margins, etc. You should use headings and page breaks to organize your paper.
  • Your paper should use standard terms and definitions for cybersecurity. See Course Content > Cybersecurity Concepts for recommended resources.
  • The CSIA program recommends that you follow standard APA formatting since this will give you a document that meets the “professional appearance” requirements. APA formatting guidelines and examples are found under Course Resources > APA Resources. An APA template file (MS Word format) has also been provided for your use CSIA_Basic_Paper_Template(APA_6ed,Nov2014).docx.
  • You must include a cover page with the assignment title, your name, and the due date. Your reference list must be on a separate page at the end of your file. These pages do not count towards the assignment’s page count.
  • You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.
  • You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must follow a consistent citation style (APA, MLA, etc.).