Write My Paper Button

WhatsApp Widget

In this assessment you will use the CORAS approach to risk analysis on a provided case study. Assessment criteria This assessment will measure your ability to: Accurately describe the scope

adeptance

2 min read

Purpose/Rationale

In this assessment you will use the CORAS approach to risk analysis on a provided case study.

Assessment criteria

This assessment will measure your ability to:

  • Accurately describe the scope and focus of the risk assessment task, as derived from the given scenario (10%)
  • Accurately describe a viewpoint of the business or organisation for the target and purpose of the risk assessment task (10%)
  • Create an accurate CORAS asset diagram describing a high-level analysis of a list of unwanted incidents, threats, vulnerabilities and threat scenarios (30%)
  • Create an accurate CORAS threat diagram that describes, identifies and estimates threats (30%)
  • Create an accurate CORAS risk treatment diagram that accurately shows the final form of the assessment diagram with all necessary risk treatments, risks and threats identified (20%)

Task details

Read the provided case study and, using the CORAS approach to risk analysis, identify and model applicable risks.

Instructions

Referring to the case study, use the CORAS risk assessment methodology to identify and model applicable risks using asset, threat, risk, treatment and treatment overview diagrams.

Ensure the following deliverables are met in your submission:

1.     Set the scope and focus.

2.     Describe the target (goals of analysis, target in use, business or organisation views of the target).

3.     Show that you understand assets and parties with their respective relationships (asset diagram).

4.     Include a high-level analysis of a list of unwanted incidents, threats, vulnerabilities and threat scenarios.

5.     Include a ranked list of assets, scale of risks, risk function and risk evaluation metrics.

6.     Identify and estimate risk using the threat diagram.

7.     Evaluate risk, including acceptable risks for further evaluation for treatment, using the risk diagram.

8.     Identify and model applicable risks using a risk treatment diagram.

Hint: see Week 3 and the lab session for a tutorial on the CORAS methodology.

Using CORAS language to draw diagrams

Method 1: Download CORAS Language Editor: https://coras.sourceforge.net/downloads.html

(Try Methods 2 or 3 as this method may not work for some)

Method 2: Use Microsoft Visio

Download the required stencils to use CORAS language in Microsoft Visio from the CORAS Downloads webpage : https://coras.sourceforge.net/downloads.html

 

Method 3: Use Draw.io

To use Draw.io head over to the diagrams.net website : https://app.diagrams.net/ and import icons for CORAS language.

The required icons for CORAS language can be downloaded from the CORAS Downloads webpage: https://coras.sourceforge.net/downloads.html

Please use APA 7th edition as your referencing style.

The reference list is not included in the word count. In-text citations are included in the word count.

Read more