Month/Year of Graduation


Degree Name

Bachelor of Science (B.S.)


Computer Science

First Advisor

Greg Hoff


Risk assessments provide a systematic approach to identifying potential risks that could negatively impact an organization’s operations, financial performance, and reputation. Using a risk assessment, companies can evaluate potential risks and vulnerabilities, prioritize them based on their potential impact, and develop strategies to manage and address these risks effectively.

Werner Enterprises Inc. is a nationally known trucking company headquartered in Omaha, Nebraska. Our cybersecurity capstone project motivation was to partner with Werner to produce an assessment of known application risks in a functional way that can be repeated for all of Werner’s applications. To achieve this, we created a risk equation that utilizes the vulnerabilities and risks of applications and their impact on Werner to develop an overall risk score for each application. The ideal outcome of this risk assessment is to provide findings and recommendations to improve Werner’s overall application security posture, as well as provide meaningful data for future analysis.

Our entire application risk assessment has been coordinated alongside the National Institute of Technology and Standards (NIST) 800-53 R5 report on properly conducting risk assessments. Additionally, all recommendations and implementations have been suggested alongside the NIST Cybersecurity Framework (CSF) 2.0 draft, a continuation of the CSF 1.1 framework created to guide corporations along an improved, standardized security posture.


This report has been modified from its original version to be publicly accessible. Any sensitive data regarding Werner Enterprises Inc. has been purposely excluded.