This report presents a comprehensive cybersecurity risk assessment conducted for Advanced Medicos Limited (AML), a healthcare product sales company. The assessment begins with identifying and classifying information assets, including employees, suppliers, systems, and various documentation. It then delves into the importance of information security governance, emphasizing its role in monitoring, managing, and ensuring accountability. Security policies are developed, covering end-to-end data protection, risk assessment coordination, and encryption. The report utilizes the ISO 31000 framework for risk management, outlining the framework's key components and the process of risk identification, analysis, and treatment. Vulnerabilities and threats are identified, along with their potential impacts. A risk management strategy is proposed, encompassing risk reduction, mitigation, and copying. Finally, a detailed risk assessment table evaluates vulnerabilities, existing controls, likelihood, impact, and recommended constraints to enhance AML's cybersecurity posture. The assignment fulfills the requirements of CMP73001, showcasing a practical application of cybersecurity principles.
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
