Abstract: In today’s cybersecurity landscape, organizations need frameworks that provide a holistic approach to risk assessment as part of the risk management process. This case introduces SecureEnd Solutions, a rapidly growing cybersecurity company, and its core team, including Alan Touring, Ada Lovecode, Bob Jobs, and Suzan, the head of development. The company must conduct a detailed risk assessment to obtain ISO/IEC 27001 certification using a combination of ISO/IEC 27005:2022 and NIST SP 800-30 guidelines. Students will engage with the characters and the company’s technological ecosystem to apply risk assessment standards, enhancing their decision-making, analytical, and problem-solving skills in a real-world scenario.

Keywords: Risk assessment, Risk management, Teaching case, Security assessment, Security frameworks

Download This Article: JISE2024v35n4pp461-466.pdf

Recommended Citation: Al-Abdullah, M., Yayla, A., & Al-Atoum, M. S. (2024). Teaching Case: Combining Standards to Conduct Risk Assessment at SecureEnd Solutions. Journal of Information Systems Education, 35(4), 461-466. https://doi.org/10.62273/SWQX4831