please solve this assignment!!

Risk Identification and Assessment Iris Majwabu and Mike Edwards sat side by side on the short flight to the nearby city where the Random Widget Works, Inc. (RWW) board of directors audit committee was mecting that afternoon. The two had been invited to present RWW's information technology (IT) risk management program to the committee. The board's concerns stemmed from a recent briefing by the National Association of Corporate Directors, which focused on trends affecting the potential liability of board members in the areas of InfoSec in general and risk management in particular. After the plane leveled off, Mike pulled out his copy of the presentation he planned to give that afternoon. He and Iris had been working on it for the past two weeks, and each knew the slides by heart. Iris was along to assist with the question-and-answer period that would follow Mike's presentation. "They're not going to be happy campers when you're done," Iris said. "No, they"re not," Mike said. "The CEO is worried about how they'll respond and about what might come up at the full board meeting next month. I'm afraid the disconnect between IT and Intemal Audit may have some unexpected consequences." Iris considered what she knew about the weaknesses of the Internal Audit Department's approach to the company's non-IT assets. Where Mike and Iris had built a sound, fact-based approach to estimating and controlling IT risk, some of the other company divisions used less empirical methods. "I think we should come out of this okay," Iris told Mike. "After all, the main concern of the audit committee members is the new perception of their liability for IT security and the impact that IT risk has on the issues surrounding privacy. We have a solid risk management plan in place that's working well, in my opinion." Mike looked up from his notes and said, "It's not us I'm worried about. I'm afraid we may create some discomfort and unwanted attention for our peers after the board sees the wide IS481 - Information Security Management Case Study Lab Assignment \#2 \begin{tabular}{|l|l|} \hline & variety of risk management approaches used in other divisions." \\ \hline CaseClosingScenario & MikeandIriswereflyinghomefromthemeeting.Theauditcommitteesreactionhadnotbeenwhattheyexpected.managementdocumentationtomakeitalittlemoregeneral.Itsoundsliketheboardwillwanttotakeourapproachcompany-widesoon."Irisnoddedandpulledouthernotepadtomakeato-dolist. \\ \hline CaseDiscussionQuestions & \begin{tabular}{l} 1. What will Iris have on her to-do list? \\ \hline \end{tabular} \end{tabular}