Check and see if your current or previous employer has done a risk assessment. Report on the results or non-results of the assessment. (Just make something up)
Note: You should ask appropriate supervisors for permission to discuss those components with the appropriate people. It is always advisable to get permission before venturing into these kinds of plans because they can contain information of value to the company and to potential attackers. Remember to tell them that you are working on your master’s degree in cybersecurity and your professor has asked you to find out any not-critical information about the area of your request.