solution

Executive Summary “Write this after you’ve completed writing the report. Think of what you’d say if you ran into an executive in the elevator and had one minute to summarize your proposal” (Snedaker, 2006). The Executive Summary summarizes the report content in a small paragraph containing a statement of your proposal. Executive summery target executives who will make the decision on the proposal. This section normally is written after writing the report.

• Scope of work clearly identifies the scope of the project and any other information that affect the time and budget of the project.
• Project Objectives Provide the objectives that the organization will gain from the proposed product.
• Assumptions Providing the assumption will help the report audiences to understand why proposal followed a specific direction.
• Timeline This will show the product implementation start and end dates. This will provide the report target audiences with information about:
  1. Implementation duration
  2. The risks and issues that may arise during this period
• Summary of Findings In a glance view, show the number of discovered issues based on priorities. “When you construct the report of your findings, be careful to avoid statements that are inflammatory, unsupported by the evidence, speculative, or overly frightening.” (Smith et al, 2004).
• Summary of Recommendation Based on the analysis of risks and the high level finding, the high level recommendation for the target organization need to be described, including the proposed solution or product.

Methodology This section provides the needed information about the issues identified. What steps have been followed to collect the information, analyze them, methodology used to calculate the risk for each vulnerability or issue.

Detailed findings This section provides detailed information for each finding. Present the findings in the simplest way as possible. For each finding describe the threat level, vulnerability rating, analysis of the issue and the impact on the information asset (the IP address) if the threat agent was able to exploit the vulnerability, Risk Rating and Recommendation. Each one of these elements will be briefed in the next paragraphs. There are a number of ways in which results can be presented. Here are a few:

• 1. Tables
  2. Graphs
  3. Pie or Bar charts
  4. Diagrams
• Recommendation Present potential solutions, mitigations, or other suggestions for reducing or eliminating the vulnerabilities or issues.” (Smith et al., 2004).

References It is important to give precise details of all the work by other authors, which has been referred to within the report. Details should include:

• Author’s name and initials
• Date of publication
• Title of the book, paper or journal
• Publisher
• Place of publication
• Page numbers
• Details of the journal volume in which the article has appeared. References should be listed in alphabetical order of the authors’ names. Make sure that your references are accurate and comprehensive.

Appendices An appendix contains additional information related to the report but which is not essential to the main findings. This can be consulted if the reader wishes to but the report should not depend on this.

Glossary Define the meaning of technical terms.