Computer Science Department

Risk Assessment of the Computer Science Department's Websites and Local Network

Jackson Harter

A security audit, or risk assessment, will be performed for the Computer Science department's websites (www.csc.depauw.edu) and local network. For this project, the NIST Special Publication 800-30 will be used as the risk assessment methodology. The adverse impact that could result from a successful attack on the system or exploitation of a vulnerability will be quantitatively and qualitatively measured. At the end of the project, results of the risk assessment will be given the system owner(s) with existing security issues as well as recommendations for adequate controls. There will also be a presentation walking the audience through the steps of the risk assessment and a summary of results.