The paper should include: 1) Cover page with name, course title and number, and date submitted. (not to be included in page count). 2) Body of paper: Introduction that provides the purpose of the paper; Discussion of the site selection and the rationale for the site selected; and Components of the risk assessment tool. Use Threat Analysis Groups Risk Assessment Methodology as the risk assessment tool 3) Reference List. 4) Appendix that provides a copy of the Vulnerability Assessment Tool and risk assessment tool that you assembled and used for the project. A question arose about the revised risk assessment and the call for action sections of the paper. The revised risk estimate section of the paper should demonstrate how the level of risk may be further mitigated as a result of implementing the security countermeasures that you recommend in an earlier section of the paper. In other words, among the components of your risk assessment, your paper should also contain a section where you initially assess the level of risk based upon the current security systems in place. Next, your paper should contain your recommended security countermeasures to improve security and mitigate risk. Next, your paper should also contain a section that shows how your recommended security countermeasures will impact and change the levels of risk to critical assets. For example, the initial risk assessment for a bank may rank the risk of a bank robbery high because of the absence of a security officer on the premises during business hours. After recommending a security countermeasure of hiring two security officers to each work 4 hour shifts during banking hours, the revised risk estimate may reflect risk mitigation so that the risk level of a successful bank robbery would be revised from high to medium, unless other significant vulnerabilities still existed. Please remember that the above describes only three sections of a risk assessment. There are other elements of a risk assessment including, for instance, the description of the facility, the identification of critical assets, the consideration of prior incidents and relevant crime data, the identification of vulnerabilities, etc. The call to action section of your paper should be a summary of the top recommended security countermeasures that show a significant likelihood of mitigating risk for a reasonable investment of monetary resources. Of course, changes in organizational policies may also lead to enhanced security. In other words, the call to action should be a section of your paper that demonstrates the biggest bang for the buck by instilling in the organization the motivation to adopt your recommendations for security countermeasures because your analysis leads to the most effective way to mitigate risks while minimizing budgetary costs.
