Expected duration
1 hour per team member
Deadline
2359 on Lesson 40
Points
20 points

Learning Objectives

  • Employ software project management principles to mitigate risks

Help Policy

Authorized Resources
Any, except classmates working on other teams
Notes
Never copy another person’s work and submit it as your own

You must document all help received from all sources, including the instructor and instructor-provided course materials (such as the textbook)

Assignment

Your project team must develop a security risk assessment for your project. Specifically, you shall conduct a security risk analysis using the preliminary risk assessment process for security requirements in Figure 13.5 (Sommerville 2016). Report the following results from that analysis using lists for the following:

  • assets with value and exposure descriptions,
  • threats,
  • controls with feasibility assessment, and
  • specific security requirements.

Use the template in the project repository for the security assessment.

Submission

Create a pull request in GitHub for your security assessment. In Canvas, submit the URL for the pull request and include your documentation statement as part of your submission.

Only one person on each team should submit this assignment.

Grading

The following grading rubric will be used for this assignment:

Superb (100%)
Assets, threats, and controls articulated clearly without omissions; security requirements are complete
Proficient (90%)
Assets, threats, and controls articulated clearly, possibly with a minor omission; security requirements identified, but may be ambiguous or omit a minor requirement
Competent (75%)
Some assets, threats, and controls listed, but with minor omissions; security requirements are ambiguous or omit multiple minor requirements
Marginal (50%)
Some assets, threats, and controls listed, but with major omission; security requirements are ambiguous or omit major requirement
Unsatisfactory (25%)
Few assets, threats, and controls listed, but with major omissions; security requirements omit major requirements