Student Lab Manual
Laboratory #3
Lab 3: Define the Scope & Structure for an IT Risk Management Plan
Learning Objectives and Outcomes
Upon completing this lab, students will be able to:
Define the purpose and objectives of an IT risk management plan
Define the scope and boundary for an IT risk management plan to encompass the seven domains
of a typical IT infrastructure
Relate identified risks, threats, and vulnerabilities to an IT risk management plan and risk areas
Incorporate the five major parts of an IT risk management process into the table of contents of
the plan
Craft an IT risk management plan table of contents that addresses the seven domains of a typical
IT infrastructure and the five major parts of risk management and risk areas
Required Setup and Tools
This is a paper-based lab and does not require the use of a “mock” IT infrastructure or virtualized server
farm.
The standard Instructor and Student VM workstation with Microsoft Office 2007 or higher is required for
this lab for Internet access and Microsoft Word for answering and submitting the Lab #3 – Assessment
Worksheet questions.
The risks, threats, and vulnerabilities identified in Lab #1 – Identify Threats & Vulnerabilities in an IT
Infrastructure will be used as a basis for the scenario in Lab #3. Students are to focus their IT risk
management plan table of contents using one of the scenarios and vertical industries assigned by the
Instructor.
In addition, Microsoft Word is a required tool for the student to craft an IT risk management plan table of
contents. The scope and structure of the table of contents will be presented by the Instructor in the demo
overview lab.
Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011
www.jblearning.com
All Rights Reserved.
-18-
This study source was downloaded by 100000899606396 from CourseHero.com on 09-30-2025 05:40:55 GMT -05:00
https://www.coursehero.com/file/249913958/ThinhTHSE194653-Lab-3pdf/
, Student Lab Manual
Recommended Procedures
Lab #3 – Student Steps:
Student steps needed to perform Lab #3 – Define the Scope & Structure for an IT Risk Management Plan:
1. Connect your removable hard drive or USB hard drive to a classroom workstation.
2. Boot up your classroom workstation and DHCP for an IP host address.
3. Login to your classroom workstation and enable Microsoft Word.
4. Review the risks within each of the seven domains from a risk management perspective –
classroom discussion and interaction.
5. Review the 21 identified risks, threats, and vulnerabilities categorized within one of the seven
domains of a typical IT infrastructure. Refer to your Lab #1 – Assessment Worksheet, Part A –
List of Identified Risks, Threats, and Vulnerabilities.
6. For each of the seven domains incorporate the following outline within the scope of your risk
management plan table of contents:
Risk planning
Risk identification
Risk assessment
Risk mitigation
Risk monitoring
7. Obtain your scenario and vertical industry assignment from your Instructor.
8. Work with your group members to delegate various parts of your IT risk management plan.
9. Craft a comprehensive IT risk management plan table of contents using Microsoft Word. Be sure
to encompass the four major risk areas identified in step #6 above.
10. Answer Lab #3 – Assessment Questions and ask your Instructor questions for guidance.
Deliverables
Upon completion of the Lab 3# - Define the Scope & Structure for an IT Risk Management Plan, students
are required to provide the following deliverables as part of this lab:
1. Lab #3 – IT Risk Management Plan Table of Contents
2. Lab #3 - Assessment Worksheet Questions and Answers
Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011
www.jblearning.com
All Rights Reserved.
-19-
This study source was downloaded by 100000899606396 from CourseHero.com on 09-30-2025 05:40:55 GMT -05:00
https://www.coursehero.com/file/249913958/ThinhTHSE194653-Lab-3pdf/
Laboratory #3
Lab 3: Define the Scope & Structure for an IT Risk Management Plan
Learning Objectives and Outcomes
Upon completing this lab, students will be able to:
Define the purpose and objectives of an IT risk management plan
Define the scope and boundary for an IT risk management plan to encompass the seven domains
of a typical IT infrastructure
Relate identified risks, threats, and vulnerabilities to an IT risk management plan and risk areas
Incorporate the five major parts of an IT risk management process into the table of contents of
the plan
Craft an IT risk management plan table of contents that addresses the seven domains of a typical
IT infrastructure and the five major parts of risk management and risk areas
Required Setup and Tools
This is a paper-based lab and does not require the use of a “mock” IT infrastructure or virtualized server
farm.
The standard Instructor and Student VM workstation with Microsoft Office 2007 or higher is required for
this lab for Internet access and Microsoft Word for answering and submitting the Lab #3 – Assessment
Worksheet questions.
The risks, threats, and vulnerabilities identified in Lab #1 – Identify Threats & Vulnerabilities in an IT
Infrastructure will be used as a basis for the scenario in Lab #3. Students are to focus their IT risk
management plan table of contents using one of the scenarios and vertical industries assigned by the
Instructor.
In addition, Microsoft Word is a required tool for the student to craft an IT risk management plan table of
contents. The scope and structure of the table of contents will be presented by the Instructor in the demo
overview lab.
Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011
www.jblearning.com
All Rights Reserved.
-18-
This study source was downloaded by 100000899606396 from CourseHero.com on 09-30-2025 05:40:55 GMT -05:00
https://www.coursehero.com/file/249913958/ThinhTHSE194653-Lab-3pdf/
, Student Lab Manual
Recommended Procedures
Lab #3 – Student Steps:
Student steps needed to perform Lab #3 – Define the Scope & Structure for an IT Risk Management Plan:
1. Connect your removable hard drive or USB hard drive to a classroom workstation.
2. Boot up your classroom workstation and DHCP for an IP host address.
3. Login to your classroom workstation and enable Microsoft Word.
4. Review the risks within each of the seven domains from a risk management perspective –
classroom discussion and interaction.
5. Review the 21 identified risks, threats, and vulnerabilities categorized within one of the seven
domains of a typical IT infrastructure. Refer to your Lab #1 – Assessment Worksheet, Part A –
List of Identified Risks, Threats, and Vulnerabilities.
6. For each of the seven domains incorporate the following outline within the scope of your risk
management plan table of contents:
Risk planning
Risk identification
Risk assessment
Risk mitigation
Risk monitoring
7. Obtain your scenario and vertical industry assignment from your Instructor.
8. Work with your group members to delegate various parts of your IT risk management plan.
9. Craft a comprehensive IT risk management plan table of contents using Microsoft Word. Be sure
to encompass the four major risk areas identified in step #6 above.
10. Answer Lab #3 – Assessment Questions and ask your Instructor questions for guidance.
Deliverables
Upon completion of the Lab 3# - Define the Scope & Structure for an IT Risk Management Plan, students
are required to provide the following deliverables as part of this lab:
1. Lab #3 – IT Risk Management Plan Table of Contents
2. Lab #3 - Assessment Worksheet Questions and Answers
Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011
www.jblearning.com
All Rights Reserved.
-19-
This study source was downloaded by 100000899606396 from CourseHero.com on 09-30-2025 05:40:55 GMT -05:00
https://www.coursehero.com/file/249913958/ThinhTHSE194653-Lab-3pdf/
