This student project demonstrates a structured approach to operational resilience and cybersecurity from a governance, risk, and compliance perspective. The project focuses on analyzing business and IT processes, identifying cybersecurity risks, mapping controls, and performing a regulatory gap analysis aligned with NIS2 requirements.
The project is designed to reflect typical activities performed by internal cybersecurity and resilience teams in large organizations such as Siemens Energy.
- Support cybersecurity risk and control assessments
- Analyze and document business and IT processes
- Perform regulatory gap analysis against NIS2 requirements
- Assess operational resilience and business continuity capabilities
- Prepare management-oriented documentation and presentations
Included
- Incident Management
- Business Continuity Management (BCM)
- Cybersecurity Risk & Control Framework
- NIS2 Regulatory Gap Analysis
Excluded
- Technical penetration testing
- Source code review
- Physical security assessments
- Process analysis using high-level process maps
- Risk identification and assessment using a structured risk register
- Mapping of preventive, detective, and corrective controls
- Regulatory gap analysis aligned with NIS2 domains
- Business continuity scenario analysis for a cybersecurity incident
- Management-level reporting and recommendations
01_Context/ – Company profile and project scope
02_Process_Analysis/ – Incident & BCM process maps
03_Risk_and_Control/ – Risk register and control mapping
04_Regulatory_Gap/ – NIS2 gap analysis
05_BCM/ – Business continuity scenario
06_Management_Reporting/ – Management summary presentation
- Cybersecurity risk register with calculated risk levels
- Control mapping with ownership and implementation status
- NIS2 regulatory gap analysis with recommendations
- Business continuity scenario including RTO and RPO
- Management-ready PowerPoint presentation
- Cybersecurity governance & operational resilience
- Risk and control framework design
- Regulatory analysis (NIS2)
- Business continuity management (BCM)
- Stakeholder-oriented documentation
- Strong Excel and PowerPoint skills
Prepared by: Mainuddin Monsur Robin
Status: Student Project (Cybersecurity / Operational Resilience)