Attention Catherine Owen

  
Assessing and Managing Security Risks: A Case Study

Top of Form
  
Hide Assignment Information
 
Turnitin®
 
This assignment will be submitted to Turnitin®.
 
Instructions
 
No   directly quoted material may be used in this project paper.
Resources   should be summarized or paraphrased with appropriate in-text and Resource   page citations.
PLEASE   NOTE: Because of the requirements for many to maintain social distancing   during pandemic conditions, we are leading with the Alternate Final Project   described below as the primary option for your final project site assessment.   This Alternate Final Project focuses on a virtual site assessment of the UMGC   Largo Academic Center. Research is virtual and/or to be conducted via open   sources. Please do not contact UMGC officials to ascertain information about   the site, the elements of the final project, or the planning instrument!
If you   would like and are able/comfortable, you may proceed with the on-site Final   Project described below the Alternate Final Project here (towards the   bottom). 
Alternate Final Project: Case Study
I.   Alternate Project: Initial Note
This   case study is designed for those who are unable to identify a suitable   organization (as defined in the Final Project description listed in the   online classroom) within the geographic proximity of their current residence   or work and/or are unable to complete the site visits that normally occur   during the process for any security risk assessment.  Those authorized to   complete this Alternate Final Project must employ their   research skills fervently to learn as much as possible about the site and the   surrounding area.  Interviews and discussions with security executives   about general security principles that might be applicable to the site under   review are encouraged.  Those completing this project are also reminded   to fully utilize the risk management principles discussed in class along with   the multitude reading resources.
II.   Risk Assessment/Security and Safety Plan
Scenario: As a new aspiring professional with PLP   Security Solutions, an upstart consulting firm specializing in conducting   risk assessments and developing effective management strategies for   mitigating threats and protecting assets from harm or loss, you have been   assigned your first project after completing your initial company orientation   and on-the-job-training.  You are advised that PLP Security Solutions   has contracted with the University of Maryland University College (UMUC) to   conduct risk assessments of their multiple facilities and operations that   include a security plan designed to effectively protect the institution’s   assets, including any real or personal property, tangible or   intangible.  Your specific assignment is to complete a risk   assessment and develop a security plan for the facility and operations at   the UMUC Academic Center at Largo, 1616 McCormick Drive, Largo,   Maryland, 20774.
(http://www.umuc.edu/locations/regional/academic-center-at-largo.cfm)
The   initial briefing you receive about the site is that UMUC purchased the   236,000 square-foot building in 2008 and it is located in Prince   George’s County, Maryland.  The building has high visibility since it is   situated near major thoroughfares, including the Capital Beltway, Interstate   495, and is close to the Largo Town Center Metro station.  The building   is located on a 20-acre site and houses classrooms, conference rooms,   computer laboratories and servers, faculty and supporting staff offices,   financial aid offices, a Veterans office, a physical fitness room and   associated equipment, vending machines, study and lounge areas for students   and staff, and maintenance offices and storage.  The property includes ample   parking for faculty, staff, students, and visitors.  The property is   large enough to accommodate the construction of another good-sized building.    Those entering the property in their vehicles to work, attend class, or   otherwise conduct business at the facility are not routinely subjected to any   external security checks prior to entering the building. 
Although   this is a good start, you know there is much more to know about the   institution and its current security operation and how effective it has been   in protecting UMUC assets.  Thorough, independent research is the key   component to the successful completion of this project.  Students are   encouraged to begin their research using the URL listed above for the UMUC   Academic Center at Largo.  From that site, students can access UMUC   Safety and Security Policies, UMUC Frequently Asked Security Questions,   Emergency Preparedness, Police Coordination, Health and Safety, Crime and   Personal Safety, and Response Emergency Assessment Crisis Team.     The UMUC 2017 Annual Safety and Security Report should also be reviewed   for relevant information.  It can be found at https://www.umuc.edu/documents/upload/annual-safety-and-security-report-2017.pdf.  There are various UMUC and other   online resources students must employ to gather the information   about the facility and its operation required to assess physical and   cyber security risks.  One such source is the Facility Executive   Magazine: Creating Intelligent Buildings, located at https://facilityexecutive.com/.  Students should consider consulting with the UMUC Librarian   for research assistance. 
III.   Project Background and Requirements:  According   to the Department of Homeland Security, “risk management is the process for   identifying, analyzing, and communicating risk and accepting, avoiding,   transferring, or controlling it to an acceptable level considering associated   costs and benefits of any actions taken” (DHS Risk Lexicon, September, 2010,   p. 31).  As result of your academic study at UMUC and your military and   civilian work experiences, you know that enterprise risk   assessment and management are key job responsibilities for security   practitioners.  More significantly, you recognize that assessing and   managing risk are actually critical competencies required of a   security practitioner, such as yourself, and proficiency in completing these   tasks must be demonstrated consistently throughout one’s security career to   be fully successful as a bona fide security professional (Enterprise Security   Risks and Workforce Competencies: Findings from an Industry Roundtable on   Security Talent, Summer 2013, p. 8).
As a   part of any risk management process, PLP Security Solutions requires   you to employ your knowledge, skills, and abilities in applying the risk   assessment and management principles and methodology outlined by   ASIS International’s “General Security Risk Assessment Guideline,” which   includes the following: identifying all the assets requiring protection at   the site you have selected and “understanding” the organization you are   evaluating; determining all the possible criminal and non-criminal risk   events confronting the organization; establishing the probability and impact   of loss risk events; identifying physical, procedural, and virtual security   control options for mitigating risks; assessing the feasibility of   implementing those security options; and conducting a cost-benefit analysis   of the security options under consideration or specifically recommended.       
Within   the context of protecting a client’s assets from harm or loss, PLP also   expects you to address the following general topics in the   Risk Assessment/Security and Safety Plan:
· Cyber/communications   security
· Workplace   violence prevention and response, including active shooter threats
· Crisis   (emergency) management and response (natural disasters, fire, terrorism, lone   wolf attacks, etc.); business continuity planning
· Employee   selection, screening, rescreening (insider threats) 
· Physical   plant intrusion (e.g., burglary)
· Property   damage, interior and exterior (e.g., vandalism, theft, etc.)
· Personal   security (e.g., assault, personal property loss/damage, robbery, etc.)
· Information/records   physical security
· Litigation   for inadequate security, including negligent hiring/supervision/retention,   and other legal issues unique to the site
· OSHA   safety standards potentially applicable at the site and violations
· Training   practices
· Unethical   business practices
· Liaison   activities with first responders, security professional organizations
· Other   security issues germane to the site.
These   topics were discussed throughout the course of study and include, in broad   terms, the various risks to assets; security and safety control operating   standards, guidelines, and procedures; and management and operational issues   and challenges confronting security practitioners.  You will incorporate   into the Risk Assessment/Security and Safety Plan a succinct discussion for   each of the topics as they relate to the organization and the site under   review.  
PLP   also expects that you include in the project “deliverable”   (paper) specific recommendations for enhancing security and   protecting the organization’s assets from harm or loss.  As the   consultant on site, you understand the client is entitled to the results of   any and all analyses you complete, along with a description of any necessary   actions the client should consider in view of your observations and findings.    
Since   this is your first project with PLP, you are keenly aware of the   significant opportunity you have for demonstrating your technical and   analytic competence in assessing and managing risk and applying the   associated core principles.  Moreover, the project also serves to   establish your literacy in other crucial areas of the security industry,   including business and financial management, written and oral communication   skills, anticipatory and strategic planning, decision-making, critical   thinking, persuasive influencing, and maximizing others’ performance   (Security Industry Survey of Risks and Professional Competencies, Fall 2013,   p. 9).  For you, the “bottom line” is to provide a credible,   comprehensive product to the client and, at the same time, show the PLP   Security Solutions corporate executives that your skills, abilities,   and work ethic and product adds tremendous value to the   PLP organization. 
IV. Risk   Assessment/Security and Safety Planning Instrument: Instructions for   Conducting Site Observations and Research
Note: Typically,   PLP consultants would be expected to complete site visits during the day and   evening hours to gather the information required to complete this   project. Because student-consultants presented the supervisor-instructor   bonafide challenges that prohibit them from making site visits, none are   required in this Alternate Final Project.  Since consultants cannot make   personal, on-site observations at the facility, they must rely totally on   their course classroom resources and the thoroughness and capacity   of their library and online research to:
·  Understand   the organization and its facility, operations, and possible assets
· Identify   the various risk events possible and likely to occur at   the site
· Assess   the impact or harm (criticality) that can result from those risk events
· Develop   feasible risk mitigation options that potentially include physical,   procedural, and logical security controls
· Assess   cost/benefit of recommended security enhancements. 
PLP   consultants are required to use the “Risk Assessment/Security and   Safety Planning Instrument” as a template or guide when   conducting independent research to record the following:
·  Research   and observations in response to the survey questions and other information   required to be collected
· Interviews   and discussions with security or company executives about general security   procedures and processes (that might be applicable to the UMUC site), only if   arrangements can be made by the consultant
· Drafts   of any necessary diagrams that will be finalized and included in the final   project
· Completed   research notes and accompanying draft references.
Note: PLP consultants may be unable to collect   all the information listed on the planning instrument for a number of   reasons.  This is particularly true when site visits cannot be made   and/or interviews with security officials are not conducted. However, with   thorough research, along with the review and application of the   concepts, principles, and standards presented in all the online educational   resources listed in the classroom, PLP consultants will be able   to gather and record sufficient information to successfully   complete this project.  Consultants may disregard any reference in   the planning instrument to onsite visit dates and site security   representative names and contact numbers.
Refer   to the instructions for completing the “Risk Assessment/Security and   Safety Planning Instrument” for   additional information and guidance for this project.  This document   will be maintained as a “work paper” and submitted to the supervisor as   described below.
V.   Writing Assignment Requirements:    PLP consultants will write a Risk Assessment/Security and Safety Plan primarily   based on their general and specific research conducted about   the UMUC Academic Center at Largo.   This includes interviews and   discussions with security or other organization executives consultants might   be able to obtain that focus on general and security procedures and   processes.
The paper   will total between 1,700 (minimum) to 2,500 (maximum) words (about 7-10   pages, not including the title page, abstract, reference page, or attachments   depicting photographs and diagrams).  Consultants must select Microsoft   Word’s Tools >Word Count to confirm conformity with word count   requirements. 
Consultants   are required to systematically apply the risk management   principles and processes discussed throughout the course and as   discussed above.  Consultants will also ensure:
· The   Risk Assessment/Security and Safety Plan includes a strong   introductory section at the beginning that thoroughly explains   the purpose of the document and incorporates a brief summary of the   facility under review (organization name, address, building description,   business and/or purpose of building, hours/days of operation, etc.).    Included in the introductory section should be a brief overview of security   issues that will be addressed in the security plan.  You should review   the project description to complete this section. The loss prevention   measures and security controls currently in place must be described   based on your research.
· Include in   a section of the paper a brief discussion of the risk management methodology used   to rank order or quantify security risks to ascertain the most serious risks   based on the probability of occurrence and impact (e.g. very likely to occur,   extreme impact), requiring the organization’s urgent action and those less   critical and/or less likely to occur that may be addressed later.  Note: To   enhance the presentation of the risk assessment findings, consultants will   devise and present a criticality/probability matrix for all identified risks.
· The   general topic areas previously described are discussed in the Risk   Assessment/Security and Safety Plan as they relate to the organization and   the site under review.
· Based   on the results of the risk assessment, consultants will identify and detail   security vulnerability areas in the paper and provide recommendations   for security improvement by initiating and/or updating specific   physical, procedural, and virtual controls, contingency procedures for   emergencies or other non-criminal and criminal risk events, along with any   policy revisions required to enhance the organization’s overall security   apparatus.
VI. Format   and Related Requirements: Consultants   will include a minimum of four (4) attachments of photographs   or sketches capturing security concerns or general references in   the Risk Assessment/Security and Safety Plan.  Do not   incorporate these attachments into the narrative of the paper.    Locate them after the last page of the narrative, before REFERENCES,   and be sure to number them so you can effectively refer to them in your   narrative.  When doing so, be sure to provide a cogent explanation of   the attachments.  Also be sure to provide citations for each of the   photos and sketches. Note:  Attachments and the descriptive   information listed on them are not included in the project word count   constraints.  
Other   requirements include:
· References   must include at least three (3) external (not class instructional material)   scholarly sources. that support the points made in the   report.   Refer to the following UMUC link for information   about scholarly sources: http://sites.umuc.edu/library/libhow/articles.cfm .
· No   directly quoted material may be used in this project paper.  Resources   should be summarized or paraphrased with appropriate in-text and Resource   page citations.
· Paper   must be a Word document, double-spaced, 12 pt. font, 1” margins.
· American   Psychology Association (APA) in-text citations for all sources must be   used.
· Reference   page titled References using APA format guidelines must be   included (not included in word count).
· DON’T   for get to follow APA format and place page numbers on the   deliverable.
· A cover   page for the assignment that includes name, course title and number, project   title, and date of submission must be included (not included in word   count).  No other information or drawings or designs are permitted.
VII.   Submission Requirements:  Consultants   will submit the “Risk Assessment/Security and Safety Plan” with the listed   attachments (Photos and/or Sketches).  Additionally, as a   separate document, consultants will submit the “Risk Assessment/Security   and Safety Planning Instrument” (work product), complete with responses   (which may be handwritten) to the questions and other information required.    Both documents must be submitted separately to   the Assignments Folder by the designated due date.
VIII.   Project Grading Rubric Review:   Consultants are encouraged to closely review the grading rubric used to   assess performance on the final project before planning, writing, and   submitting the paper.  The initial element of the rubric relates to the   submission of the planning instrument and its degree and quality of   responsiveness to the requirements.  The rubric elements then evaluate   the diligence demonstrated in conforming to the requirements for completing   the introduction and stated purpose of the paper, the level of responsiveness   in addressing the general topics listed in the project description, and the   levels of conformity with grammar and format standards.  Several rubric   elements assess your ability in applying the various risk assessment and   management core principles.   
If you   are still choosing to do the on-site assessment, please refer to the below   instructions:
No directly   quoted material may be used in this project paper.
Resources   should be summarized or paraphrased with appropriate in-text and Resource   page citations.
Final   Project: Case Study 
Risk   Assessment/Security and Safety Plan
I. The   Setting: As a   new aspiring professional with PLP Security Solutions, an upstart consulting   firm specializing in conducting risk assessments and developing effective   management strategies for mitigating threats and protecting assets from harm   or loss, you have been assigned your first project after completing your   initial company orientation and on-the-job-training.  Your supervisor   offers you the opportunity to select any one of the following enterprises   from a list of clients who have just contracted with PLP Security Solutions   to conduct risk assessments of their facilities and operations that include a   security plan designed to effectively protect their assets:
· A   full-service grocery store
·  
o Acceptable:   national/regional food store chain (e.g., Giant, Kroger, Win-Dixie, military   base commissary, etc.)
o Not   acceptable: local mini-mart (e.g., 7-Eleven, Wa-Wa, Highs, etc.)
· A   full-service department store
·  
o Acceptable:   national/regional department store (e.g., Macys, Sears, Wal-Mart, military   base PX, etc.)
· A   full-service hardware store
·  
o Acceptable:   national/regional chain hardware/lumber retailer (e.g., Lowes, Home Depot, 84   Lumber, military base PX, etc.)
· A local   public library
·  
o If the   library is contained within another building or structure, then the risk   assessment/security plan should address the structure in general, and the   library in particular as the security target.
II.   Important Project Identification Procedural Note: As a PLP security consultant, you must   select only one of the entities (sites) listed above that is   located in the most conducive geographic area for you to visit, observe, and   complete this project.  To avoid any confusion about acceptable sites,   you are to provide your PLP supervisor (instructor) the following information   before commencing any work on this project: 1) name of the organization you   have selected; 2) location (address); and 3) name and title of the site point   of contact, if one is established.   
Site   selection and supervisor (instructor) notification must be made using the   classroom Assignments Folder for the project marked “Final   Project Selection Approval” by the listed due date.
III.   Project Background and Requirements:  According   to the Department of Homeland Security, “risk management is the process for   identifying, analyzing, and communicating risk and accepting, avoiding,   transferring, or controlling it to an acceptable level considering associated   costs and benefits of any actions taken” (DHS Risk Lexicon, September, 2010,   p. 31).   As result of your academic study at UMUC and your   military and civilian work experiences, you know that enterprise risk   assessment and management are key job responsibilities for security   practitioners.  More significantly, you recognize that assessing and   managing risk are actually critical competencies required of a security   practitioner, such as yourself, and proficiency in completing these tasks   must be demonstrated consistently throughout one’s security career to be   fully successful as a bona fide security professional (Enterprise Security   Risks and Workforce Competencies: Findings from an Industry Roundtable on   Security Talent, Summer 2013, p. 8).
As a   part of any risk management process, PLP Security Solutions requires you to   employ your knowledge, skills, and abilities in applying the risk assessment   and management principles and methodology outlined by ASIS International’s “General   Security Risk Assessment Guideline,” which includes the   following: identifying all the assets requiring protection at the site you   have selected and “understanding” the organization you are evaluating;   determining all the possible criminal and non-criminal risk events   confronting the organization; establishing the probability and impact of loss   risk events; identifying physical, procedural, and virtual security control   options for mitigating risks; assessing the feasibility of implementing those   security options; and conducting a cost-benefit analysis of the security   options under consideration or specifically recommended.       
Within   the context of protecting a client’s assets from harm or loss, PLP also   expects you to address the following general topics in the Risk   Assessment/Security and Safety Plan:
· Cyber/communications   security
· Workplace   violence prevention and response, including active shooter threats
· Crisis   (emergency) management and response (natural disasters, fire, terrorism, lone   wolf attacks, etc.); business continuity planning
· Employee   selection, screening, rescreening (insider threats) 
· Physical   plant intrusion (e.g., burglary)
· Property   damage, interior and exterior (e.g., vandalism, theft, etc.)
· Personal   security (e.g., assault, personal property loss/damage, robbery, etc.)
· Information/records   physical security
· Litigation   for inadequate security, including negligent hiring/supervision/retention,   and other legal issues unique to the site
· OSHA   safety standards potentially applicable at the site and violations
· Training   practices
· Unethical   business practices
· Liaison   activities with first responders, security professional organizations
· Other   security issues germane to the site.
These   topics were discussed throughout the course of study and include, in broad   terms, the various risks to assets; security and safety control operating   standards, guidelines, and procedures; and management and operational issues   and challenges confronting security practitioners.  You will incorporate   into the Risk Assessment/Security and Safety Plan a succinct discussion for   each of the topics as they relate to the organization and the site under   review.  
PLP   also expects that you include in the project “deliverable” (paper) specific   recommendations for enhancing security and protecting the organization’s   assets from harm or loss.  As the consultant on site, you understand the   client is entitled to the results of any and all analyses you complete, along   with a description of any necessary actions the client should consider in   view of your observations and findings.  
Since   this is your first project with PLP, you are keenly aware of the significant   opportunity you have for demonstrating your technical and analytic competence   in assessing and managing risk and applying the associated core principles.    Moreover, the project also serves to establish your literacy in other   crucial areas of the security industry, including business and financial   management, written and oral communication skills, anticipatory and strategic   planning, decision-making, critical thinking, persuasive influencing, and   maximizing others’ performance (Security Industry Survey of Risks and   Professional Competencies, Fall 2013, p. 9).  For you, the “bottom line”   is to provide a credible, comprehensive product to the client and, at the   same time, show the PLP Security Solutions corporate executives that your   skills, abilities, and work ethic and product adds tremendous value to the   organization. 
IV.   Risk Assessment/Security and Safety Planning Instrument: Instructions for   Conducting Site Observations and Research
Note: PLP   consultants must visit the selected site at least one time to gather the   information required to complete this project; however, two visits are   recommended, one during the day and one during the evening. Be sure to note   in the project deliverable (paper) the dates and times you visited the site.   If applicable notify the supervisor immediately after the course begins to   explain the issue or challenge that prohibits you from making a site visit.   
PLP   consultants are required to use the “Risk Assessment/Security and   Safety Planning Instrument” (See attachment.)  as a   template or guide when visiting the selected site and conducting your   independent research to record the following: 
· Onsite   observations in response to the survey questions and other information   required to be collected
· Discussions   with security or other company executives, only if arrangements can be made
· Drafts   of any necessary diagrams that will be finalized and included in the final   project
· Completed   research notes and accompanying draft references. 
Note: PLP consultants may be unable to collect   all the information listed on the planning instrument for a number of   reasons.  This is particularly true when they are unable or reluctant to   secure the assistance of an organization representative.  However, with   thorough, unobtrusive, and discreet observations and independent research,   along with the review and application of the concepts, principles, and standards   presented in all the online educational resources listed in the classroom,   PLP consultants will be able to gather and record sufficient information to   successfully complete this project.   
Refer   to the instructions for completing the “Risk Assessment/Security and Safety   Planning Instrument” for   additional information and guidance for this project.  This document   will be maintained as a “work paper” and submitted to the supervisor as   described below.
V.   Writing Assignment Requirements:    PLP consultants will write a Risk Assessment/Security and Safety Plan based   on their personal observations of the documented, authorized   site; conversations with security or other executives with   knowledge of security operations at the site (if arranged), and the   consultant’s general and specific research conducted about   the organization selected for the project.  The paper will total between   1,700 (minimum) to 2,500 (maximum) words (about 7-10 pages, not including the   title page, abstract, reference page, or attachments depicting photographs   and diagrams).  Consultants must select Microsoft Word’s Tools >Word   Count to confirm conformity with word count requirements. 
Consultants   are required to systematically apply the risk management principles   and processes discussed throughout the course and as discussed   above.  Consultants will also ensure:
· The   Risk Assessment/Security and Safety Plan includes a strong introductory   section at the beginning that thoroughly explains the purpose of the document   and incorporates a brief summary of the facility under review (organization   name, address, building description, business and/or purpose of building,   hours/days of operation, etc.).  Included in the introductory section   should be a brief overview of security issues that will be addressed in your   security plan.  You should review the project description to complete   this section.  The dates and times you visited the site must be cited   and the loss prevention measures and security controls currently in place   must be described.
· Include   in a section of the paper a brief discussion of the risk management methodology used   to rank order or quantify security risks to ascertain the most serious risks   based on the probability of occurrence and impact (e.g. very likely to occur,   extreme impact), requiring the organization’s urgent action and those less   critical and/or less likely to occur that may be addressed later.  Note: To   enhance the presentation of the risk assessment findings, consultants will   employ a criticality/probability matrix for all identified risks.
· The   general topic areas previously described are discussed in the Risk   Assessment/Security and Safety Plan as they relate to the organization and   the site under review.
· Based   on the results of the risk assessment, consultants will identify and detail   security vulnerability areas in the paper and provide recommendations for   security improvement by initiating and/or updating specific physical,   procedural, and virtual controls, contingency procedures for emergencies or   other non-criminal and criminal risk events, along with any policy revisions   required to enhance the organization’s overall security apparatus.
VI.   Format and Related Requirements: Consultants   will include a minimum of four (4) attachments of photographs or sketches   capturing security concerns or general references in the Risk   Assessment/Security and Safety Plan.  Do not incorporate these   attachments into the narrative of the paper.  Locate them after the   last page of the narrative, before REFERENCES, and be sure to number them so   you can effectively refer to them in your narrative.  When doing so, be   sure to provide a cogent explanation of the attachments.  Also be sure   to provide citations for each of the photos and sketches. Note:    Attachments and the descriptive information listed on them are not included   in the project word count constraints.  
Other   requirements include:
· References   must include at least three (3) external (not class instructional material)   scholarly sources. that support the points made in the   report.   Refer to the following UMUC link for information   about scholarly sources: http://sites.umuc.edu/library/libhow/articles.cfm .
· No   directly quoted material may be used in this project paper. Resources should   be summarized or paraphrased with appropriate in-text and Resource page   citations.
· Paper   must be a Word document, double-spaced, 12 pt. font, 1” margins.
· American   Psychology Association (APA) in-text citations for all sources must be   used.
· Reference   page titled References using APA format guidelines must be   included (not included in word count).
· DON’T   forget to follow APA format and place page numbers on the   deliverable.
· A cover   page for the assignment that includes name, course title and number, project   title, and date of submission must be included (not included in word   count).  No other information or drawings or designs are permitted.
VII.   Submission Requirements:  Consultants   will submit the “Risk Assessment/Security and Safety Plan” with the listed   attachments (Photos and/or Sketches).  Additionally, as a   separate document, consultants will submit the “Risk Assessment/Security   and Safety Planning Instrument” (work product), complete with responses   (which may be handwritten) to the questions and other information required.    Both documents must be submitted separately to   the Assignments Folder by the designated due date.
VIII.   Project Grading Rubric Review:   Consultants are encouraged to closely review the grading rubric used to   assess performance on the final project before planning, writing, and   submitting the paper.  The initial element of the rubric relates to the   submission of the planning instrument and its degree and quality of   responsiveness to the requirements.  The rubric elements then evaluate   the diligence demonstrated in conforming to the requirements for completing   the introduction and stated purpose of the paper, the level of responsiveness   in addressing the general topics listed in the project description, and the   levels of conformity with grammar and format standards.  Several rubric   elements assess your ability in applying the various risk assessment and   management core principles.   
 
Due   Date
 
Jul 8,   2020 11:59 PM
Hide Rubrics
Rubric Name: Final Project 2182 Risk Assessment -Security Plan
This table lists criteria and criteria group name in the first column. The first row lists level names and includes scores if the rubric uses a numeric scoring method.Criteria
Outstanding -Equivalent to an A
Superior-Equivalent to an B
Good-Equivalent to an C
Unsatisfactiry-Equivalent to an D of F
Submission of the completed “Risk Assessment /Security and Safety Planning Instrument” and its degree and quality of responsiveness to the requirements. Value: 10 Pts.
10 points
Submission of the “Risk Assessment/ Security and Safety Planning Instrument” (work paper) that was completely responsive to the questions and other required information and commentary.
Range: 9.0 – 10.0
8.9 points
Submission of the “Risk Assessment/Security and Safety Planning Instrument” (work paper) that was noticeably responsive to the questions and other required information and commentary.
Range: 8.0 – 8.9
7.9 points
Submission of the “Risk Assessment/Security and Safety Planning Instrument” (work paper) that was satisfactorily responsive to the questions and other required information and commentary.
Range: 7.0 – 7.9
6.9 points
Submission of the “Risk Assessment/ Security and Safety Planning Instrument” (work paper) that was not satisfactorily responsive to the questions and other required information and commentary; or there was no submission of the planning instrument.
Range: D = 6.0 – 6.9; F = 0.0 – 5.9
/ 10
Submission of a “Risk Assessment/Security and Safety Plan” that conforms to the final project description by incorporating an initial “purpose statement” that alerts the reader to the reason, focus, and scope of the paper. Value: 5 Pts
5 points
The “Risk Assessment/Security and Safety Plan” includes a comprehensive introductory purpose statement.
Range: 4.5 – 5.0
4.49 points
The  “Risk Assessment/Security and Safety Plan” includes a good introductory purpose statement.
Range: 4.0 – 4.49
3.99 points
The “Risk Assessment/Security and Safety Plan” includes a satisfactory introductory purpose statement.
Range: 3.5 – 3.99
3.49 points
The “Risk Assessment/Security and Safety Plan” includes a limited or no introductory purpose statement.
Range: D = 3.0 – 3.49; F = 0.0 – 2.99
/ 5
Submission of a “Risk Assessment/Security and Safety Plan” that conforms to the final project description by thoroughly addressing the listed “general topic areas” Value: 15 Pts.
15 points
The “Risk Assessment/Security and Safety Plan” thoroughly addresses ALL the general topic areas listed in the project description.
Range: 13.5 – 15.0
13.49 points
The “Risk Assessment/Security and Safety Plan” thoroughly addresses most of the general topic areas listed in the project description.
Range: 12 – 13.49
11.99 points
The “Risk Assessment/Security and Safety Plan” thoroughly addresses several general topic areas listed in the project description.
Range: 10.5 – 11. 99
10.49 points
The “Risk Assessment/ Security and Safety Plan” thoroughly addresses limited or no general topic areas listed in the project description.
Range:  D = 9.0 -10.49; F = 0.0 – 8.99
/ 15
Risk Management Principle: Understanding the organization/premises under review and the identification of the people and assets at risk. Value 5 Pts.
5 points
Content of the paper demonstrates a comprehensive understanding of how the organization operates, its complexities, and identifies all organizational assets at risk to a variety of hazards.
Range: 4.5 – 5.0
4.49 points
Content of the paper demonstrates a good understanding of how the organization operates, its complexities, and identifies all organizational assets at risk to a variety of hazards.
Range: 4.0 – 4.49
3.9 points
Content of the paper demonstrates a suitable understanding of the organization/premises and identifies several organizational assets at risk to a variety of hazards.
Range: 3.5 – 3.9
3.49 points
Content of the paper demonstrates no or little understanding of the organization/premises and identifies limited or no organizational assets at risk to a variety of hazards.
Range: D = 3.0 – 3.49; F = 0.0 – 2.99
/ 5
Risk Management Principle: Identification of possible loss risk events and vulnerabilities. Value 5 Pts.
5 points
Content of the paper identifies all the possible loss events and vulnerabilities.
Range: 4.5 – 5.0
4.49 points
Content of the paper identifies most of the possible loss events and vulnerabilities.
Range: 4.0 – 4.49
3.9 points
Content of the paper describes several possible loss events and vulnerabilities.
Range: 3.5 – 3.9
3.49 points
Content of the paper describes limited or no possible loss events and vulnerabilities.
Range: D = 3.0 – 3.49; F = 0.0 – 2.99
/ 5
Risk Management Principle: Assessment of loss risk probability and the impact (criticality) of loss risk events and inclusion of a concise description of the methodology used to rank order or quantify those risks. Value 15 Pts
15 points
Content of the paper assesses the probability and impact of all identifiable loss risk events and includes a concise description of the methodology used to rank-order or quantify those security risks.   
Range: 13.5 – 15.0
13.49 points
Content of the paper assesses the probability and the impact of most identifiable loss risk events and includes a concise description of the methodology used to rank-order or quantify those security risks. 
Range: 12 – 13.49
11.99 points
Content of the paper assesses the probability and the impact of several identifiable loss risk events and includes a concise description of the methodology used to rank-order or quantify those security risks.
Range: 10.5 – 11. 99
10.49 points
Content of the paper assesses the probability and the impact of limited or no identifiable loss risk events and includes an a concise description of the methodology used to rank-order or those quantify security risks.
Range:  D = 9.0 -10.49; F = 0.0 – 8.99
/ 15
Risk Management Principle: Assessment of management options to mitigate risks, including the potential security controls to be employed and the feasibility of implementing the options. Value 15 Pts.
15 points
Content of the paper assesses all the options to manage risks, including the potential security controls to be employed and the feasibility of implementing the options.
Range: 13.5 – 15.0
13.49 points
Content of the paper assesses most options to manage risks, including the potential security controls to be employed and the feasibility of implementing the options.
Range: 12 – 13.49
11.99 points
Content of the paper assesses several options to manage risks, including the potential security controls to be employed and the feasibility of implementing the options.
Range: 10.5 – 11. 99
10.49 points
Content of the paper includes limited or no assessment of the options to manage risks, including the potential security controls to be employed and the feasibility of implementing the options.
Range:  D = 9.0 -10.49; F = 0.0 – 8.99
/ 15
Risk Management Principle: Security program cost/benefit analysis. Value: 5 Pts
5 points
Content of the paper presents a comprehensive cost/benefit analysis of the proposed security program.
Range: 4.5 – 5.0
4.49 points
Content of the paper presents a good cost/benefit analysis of the proposed security program.
Range:  4.0 – 4.49
3.9 points
Content of the paper presents a suitable cost/benefit analysis of the proposed security program.
Range: 3.5 – 3.9
3.49 points
Content of the paper presents a limited or no cost/benefit analysis of the proposed security program.
Range:  D = 630 – 3.49; F =  0.0 – 2.99
/ 5
Grammar/Writing Mechanics Value: 10 Pts
10 points
No or minor English and grammar usage errors.  
Range: 9.0 – 10.0
8.9 points
Only a few minor/ inconsequential mistakes in English and grammar.  
Range: 8.0 – 8.9
7.9 points
While there are some mistakes in English and grammar, they still do not interfere with understanding the student’s response or comments.
Range: 7.0 – 7.9
6.9 points
Many mistakes evident in English/grammar usage.  
Range:   D = 6.0 – 6.9; F = 0.0 – 5.9
/ 10
Formatting, references, and APA citations Value: 15 Pts
15 points
Assignment is formatted exactly as required, all required citations and references are present and APA standards are followed in every respect.
Range: 13.5 – 15.0
13.49 points
Assignment is formatted as required with minor/ inconsequential deviations, resource requirements are met, citations and references are present and APA standards are followed. 
Range: 12.0 – 13.49
11.99 points
Assignment mostly formatted as required but missing some required elements/ sources or some APA errors are evident.
Range: 10.5 – 11.99
9 points
Assignment is missing major elements, lacks required sources or APA is not followed however a different citation method is used correctly. 
Range: D = 9.0 – 10.49; F = 0.0 – 8.99
/ 15
Rubric Total ScoreTotal
/ 100
Overall Score
Overall Score
Equivalent to an A90 points minimum

 
Equivalent to a B80 points minimum

 
Equivalent to a C70 points minimum

 
Equivalent to a D or an F0 points minimum

 
      
Bottom of Form