Research Report #1: Data Breach Incident Analysis & Report

Research Report #1: Data Breach Incident Analysis & Report

Rubric Name: Research Paper #1 Rubric

Criteria Excellent Outstanding Acceptable Needs Improvement Needs Significant Improvement Missing or Unacceptable
Introduction or Overview for the Report 15 points

Provided an excellent overview of the problem (audit findings related to company’s readiness to respond to data breaches). Explained the business need for cyber insurance. The introduction was clear, concise, and accurate. Writer appropriately used information from 3 or more authoritative sources

13.5 points

Provided an outstanding overview of the problem (audit findings related to company’s readiness to respond to data breaches). Explained the business need for cyber insurance. The introduction was clear and accurate. Writer appropriately used information from at least 2 authoritative sources

12 points

Provided an acceptable overview of the problem (audit findings related to company’s readiness to respond to data breaches). Explained the business need for cyber insurance. Writer appropriately used information from authoritative sources

10 points

Provided an overview but the section lacked important details about the problem and audit findings. Information from authoritative sources was cited and used in the overview.

6 points

Attempted to provide an introduction to the research report but this section lacked detail, was off topic, and/or was not well supported by information drawn from authoritative sources.

0 points

The introduction and/or overview sections of the paper were missing.

Analysis: Overview of Data Breach(es) 20 points

Provided an excellent overview / introduction to the data breach(es). Clearly identified the company and five or more types of data that were involved. Incorporated at least 3 of the following types of information about the data breach(es): who, what, when, where, why, and how. Appropriately used information from 3 or more authoritative sources.

18 points

Provided an outstanding overview / introduction to the data breach(es). Identified the company and three or more types of data that were involved. Incorporated at least three of the following types of information about the incidents: who, what, when, where, why, and how. Appropriately used information from 3 or more authoritative sources.

16 points

Provided an acceptable overview / introduction to the data breach(es). Identified the company and the types of data that were involved. Incorporated at least two of the following types of information about the incidents: who, what, when, where, why, and how. Appropriately used information from authoritative sources.

14 points

Provided a discussion of the data breaches that covered at least three types of data involved in the breach(es). Information from authoritative sources was cited and used.

7 points

Attempted to provide information about the data breach(es) The discussion was significantly lacking in detail and/or was not well supported by information drawn from authoritative sources.

0 points

This section was missing, off topic, or failed to provide information about the data breach(es).

Analysis: The Court Case and Findings 15 points

Provided an excellent analysis of the court case and findings against the company. Clearly identified the victims of the data breach, the court of jurisdiction, and five or more findings (liability / penalties) against the company. Appropriately used information from 3 or more authoritative sources.

13.5 points

Provided an outstanding analysis of the court case and findings against the company. Clearly identified the victims of the data breach, the court of jurisdiction, and four or more findings (liability / penalties) against the company. Appropriately used information from 2 or more authoritative sources.

12 points

Provided an acceptable analysis of the court case and findings against the company. Identified the victims of the data breach, the court of jurisdiction, and 3 or more findings (liability / penalties) against the company. Appropriately used information from authoritative sources.

10 points

Provided a discussion of the data breach court case that included at least three findings against the company. Information from authoritative sources was cited and used.

6 points

Attempted to provide information about the court case. The discussion was significantly lacking in detail and/or was not well supported by information drawn from authoritative sources.

0 points

This section was missing, off topic, or failed to provide information about the court case.

Best Practice Recommendations: People, Processes, Policies and Technologies 15 points

Provided an excellent discussion of at least five best practice based recommendations for preventing / responding to data breaches. Included at least one recommendation in each of the following categories:

· People

· Processes

· Policies

· Technologies

The discussion appropriately used information from three or more authoritative sources.

13.5 points

Provided an outstanding discussion of at least four best practice based recommendations for preventing / responding to data breaches. Included at least one recommendation in three of the following categories:

· People

· Processes

· Policies

· Technologies

The discussion appropriately used information from two or more authoritative sources.

12 points

Provided an acceptable discussion of at least three best practice based recommendations for preventing / responding to data breaches. Included at least one recommendation in two of the following categories:

· People

· Processes

· Policies

· Technologies

The discussion appropriately used information from authoritative sources.

10 points

Identified 2 or more best practices for preventing / responding to data breaches. Included at least one recommendation in two or more of the following categories:

· People

· Processes

· Policies

· Technologies

The discussion appropriately used information from authoritative sources.

6 points

Attempted to provide information about best practices for preventing / responding to data breaches. OR, the discussion was not well supported by information from authoritative sources.

0 points

Discussion of best practices was missing or lacked relevancy to the topic of data breach prevention and response.

Summary of Recommendations 10 points

The closing section provided an excellent summary of the issues and best-practice based recommendations for data breach prevention and response.

8.5 points

The closing section provided an outstanding summary of the issues and best-practice based recommendations for data breach prevention and response.

7 points

The closing section provided an acceptable summary of the issues and best-practice based recommendations for data breach prevention and response.

6 points

The closing section provided some information summarizing the issues and recommendations but lacked detail or was disorganized.

4 points

A closing section was provided but was not relevant OR was not well supported by information from authoritative sources.

0 points

Did not provide a summary or closing section.

Professionalism: Addressed security issues using standard cybersecurity terminology 5 points

Demonstrated excellence in the integration of standard cybersecurity terminology into the report.

4 points

Provided an outstanding integration of standard cybersecurity terminology into the report.

3 points

Integrated standard cybersecurity terminology into the into the report.

2 points

Used standard cybersecurity terminology but this usage was not well integrated with the discussion.

1 point

Misused standard cybersecurity terminology.

0 points

Did not integrate standard cybersecurity terminology into the discussion.

Professionalism: Consistent Use and Formatting for Citations and Reference List 5 points

Work contains a reference list containing entries for all cited resources. Sufficient information is provided to allow a reader to find and retrieve the cited sources. Reference list entries and in-text citations are consistently and correctly formatted using an appropriate citation style (APA, MLA, etc.).

4 points

Work contains a reference list containing entries for all cited resources. Sufficient information is provided to allow a reader to find and retrieve the cited sources. One or two inconsistencies or errors in  format for in-text citations and/or reference list entries.

3 points

Work contains a reference list containing entries for all cited resources. Sufficient information is provided to allow a reader to find and retrieve the cited sources. No more than 5 inconsistencies or errors in  format for in-text citations and/or reference list entries.

2 points

Work has no more than three paragraphs with omissions of citations crediting sources for facts and information. Work contains a reference list containing entries for cited resources. Work contains no more than 10 inconsistencies or errors in format.

1 point

Work attempts to credit sources but demonstrates a fundamental failure to understand and/or consistently apply a professional formatting style for the reference list and/or citations.

0 points

Reference list is missing. Work demonstrates an overall failure to incorporate and/or credit authoritative sources for information used in the paper.

Professionalism: Organization & Appearance 5 points

Submitted work shows outstanding organization and the use of color, fonts, titles, headings and sub-headings, etc. is appropriate to the assignment type.

4 points

Submitted work has minor style or formatting flaws but still presents a professional appearance. Submitted work is well organized and appropriately uses color, fonts, and section headings (per the assignment’s directions).

3 points

Organization and/or appearance of submitted work could be improved through better use of fonts, color, titles, headings, etc. OR Submitted work has multiple style or formatting errors. Professional appearance could be improved.

2 points

Submitted work has multiple style or formatting errors. Organization and professional appearance need substantial improvement.

1 point

Submitted work meets minimum requirements but has major style and formatting errors. Work is disorganized and needs to be rewritten for readability and professional appearance.

0 points

No work submitted.

Professionalism: Execution 10 points

No formatting, grammar, spelling, or punctuation errors.

8.5 points

Work contains minor errors in formatting, grammar, spelling or punctuation which do not significantly impact professional appearance.

7 points

Errors in formatting, spelling, grammar, or punctuation which detract from professional appearance of the submitted work.

6 points

Submitted work has numerous errors in formatting, spelling, grammar, or punctuation. Work is unprofessional in appearance.

4 points

Submitted work is difficult to read / understand and has significant errors in formatting, spelling, grammar, punctuation, or word usage.

0 points

No work su


Comments are closed.