You have been hired as a security consultant to secure the network of a Fortune 500 company, such as Bank of America, Amazon, Google, etc. You can choose any hypothetical company of your choice. You are also required to identify critical IT assets and to conduct a risk assessment of the IT infrastructure. The assignment requirements are listed below.
1. Describe the purpose of a risk assessment, risk scope and identify critical areas for the Fortune 500 company.
2. Select risk assessment methodology and give your rationale behind the one you chose. Different types of risk methodologies are quantitative risk assessments, qualitative risk assessments, or a combination of both, semi-qualitative/quantitative. There are many to use, but these are the primary ones used to conduct assessments. Please make sure to state why the methodology was selected for the risk assessment.