First Formal Risk Assessment
The goal of this assessment is to give learners the opportunity to demonstrate their ability to produce a risk assessment for a Fintech company based on a given scenario.
Your client is a growing, Dublin-based, Fintech business with 60 staff, 40 of these employees have been recruited in 6 months. 90% of the staff are currently working from home using a mix of company and personal IT devices. The company handles sensitive databases and records as part of its typical business practice. The company is also involved with software development. The IT department handles the day-to-day data security. This will be the first formal risk assessment undertaken at the company.
The CEO has a good understanding of cybersecurity and is eager to comply with regulations and protect the company from cyber-risks.
As a reference point, the following website is a company similar to the one we are working with: https://www.aikido.finance/
• What factors would need to be examined in a risk assessment process?
• Have we documented and assessed the assets which need to be protected?
• Which risk mitigation actions need to be considered?
• Are there data policy documents that need to be in place?
• What factors would benefit the overall cybersecurity posture of the company?
Your Task: Provide a risk assessment report focused on identifying and mitigating risks within the organization.