Review the security controls outlined in Step $2$ of the SureMarket IT Systems Security Audit Results.

Your next task is complete Steps $3$ and $4$ of the NIST RMF process by continuing to document information needed for your presentation to the SureMarket leadership in Part B of the Week $4$ assignment.

Part A

To prepare your documentation for Step $3,$ create a $2-$ to $3-$page table in Microsoft Word mapping each of the $5$ vulnerabilities from the SureMarket IT Systems Security Audit Results document to the ineffective or non$-$existent security controls. The landscape table should include the following $5$ columns:

IT System with the Vulnerability

Vulnerability Title

Vulnerability Description

Security Control that is Not Compliant

Type of Security Control $($Technical or Non$-$technical$)$

Part B

To prepare your documentation for Step $4,$ use the information from Steps $1$ through $3$ to create a $10-$ to $11-$slide Microsoft PowerPoint$$ presentation documenting the risk assessment for the selected security controls for each IT system. You will present this to the Chief Information Officer $($CIO$)$ and Chief Information Security Officer $($CISO$)$ prior to the presentation with the SureMarket leadership $($prepared in your Week $4$ assignment$)$ to be sure the CIO and CISO approve the Phoenix Security Services contract work.

Your presentation should include the following:

A table for each IT System $(1$ slide per system$)$ that shows:

IT System Categorization for confidentiality, integrity, and availability

Vulnerability Title

Vulnerability Description

Security Control Name $($e$.$g$.,$ AC$-2)$

Likelihood Determination

Impact Determination

A $5$ x $5$ Risk Matrix for each IT System as derived from NIST SP $800-30(1$ slide per system$)$ with the overall risk assessment identified

A table summarizing the overall risk for each IT system $($on a single slide$)$

Narration in the Notes section of each slide.

Note: You will use this week$$s assignments to help you complete the Week $4$ assignment.