Develop a plan to implement the security controls-policies

Assignment Help Management Information Sys
Reference no: EM131396862 , Length: 5

The final step in developing the network security plan is to define how the plan that you have developed will be implemented within the organization. Implementing security controls and adding security devices can be a complex process that will affect every aspect of the organization.

A detailed plan that phases in controls and new devices-and has a backup plan for any problems-will greatly increase the success rate of implementing a network security plan.

• For this assignment, you will add a detailed implementation plan of 4-5 pages, which will describe your proposed solution for the implementation of a network security plan in your organization.

• Finally, you will refine the Network Security Plan document to produce the final draft version. Updates may be based upon peer and instructor feedback.

The project deliverables are the following:

• Update the Network Security Plan with a new date.

• Update the previously completed sections based upon your peers' and instructor's feedback.

• Implementation Plan

o Develop a plan to implement the security controls and policies that you identified in previous sections.

o Develop a plan to implement new security devices and modify existing security devices that are required to monitor the network and the polices that were created or updated.

o Describe how these controls, policies, and security devices have addressed the key security areas of confidentiality, integrity, authentication, authorization, and nonrepudiation cryptographic services.

• Network Security Plan

o Revise the entire document, and make any necessary changes and improvements.

o Ensure that the final version is sufficiently detailed to allow the organization to confidently move forward with the implementation of the security controls and devices based upon your recommendations.

o Previous instructor feedback should be addressed with appropriate changes.

• Update your table of contents before submission.

Network Security Plan

This course has been composed of a series of Individual Project assignments that have contributed to a Key Assignment submission at the end of the course. Each week, you have completed a part of a network security plan. The full Key Assignment should include the following tasks:

• Overview of Network and Existing Security (Week 1)

o Select an organization as the target for the analysis.

o Provide an overview of the organization's existing network architecture.

? The overview will include description of the network, the topology, protocols allowed, connectivity methods and network equipment, number of routers, switches, and any other network equipment, such as VPN concentrators, proxies, etc.

o Provide a summary of the current security devices currently in use on the network.

List the type of device, the vendor, and give a brief description of how the device is used.

• Risk Assessment

o Conduct an inventory of the devices within your network. Provide a summary of the number of desktops, laptops, network printers, and servers.

Identify key assets

Assets also include records and sensitive information that requires special protection.

Prioritize each asset or group of assets, and assign a value to each.

o Identify and describe the risks within your environment.

o Do not forget natural disasters.

o Determine the likelihood that the risk could occur.

o Identify the tools and methodology that you would use to conduct the risk assessment.

• Security Architecture Plan (Week 3)

o Based upon the risk assessment and your analysis, create an action plan to mitigate the risks that you have identified.

o Identify and select appropriate technologies to protect the network and the organization's information, and explain why you chose each technology.

Describe where you plan to place these technologies in the network, and explain why.

The plan should cover all layers of the OSI model.

o Identify additional software that will be required to monitor the network and protect key assets.

Identify security controls that need to be implemented to assist in mitigating risks.

• Security Policies (Week 4)

o Create the Key Assignment first draft for peer review.

o Continue the development of the plan.

Create a fourth section in the plan to list all of the policies you would have for your organization and a brief description of what each policy will contain.

Each policy will address how you plan to monitor the policy and what the appropriate punishments should be for violators.

Provide a timetable for when these policies should be reviewed and updated.

o Continue development of the Network Security Plan with an Incident Response Plan of 2-3 pages.

Include the actions that need to occur when an incident is in progress.

Include how your organization will identify and classify incidents, what the response will be, and the plan to recover.

• Implementation and Incident Response (Week 5)

o Analyze previous submissions, and make changes as necessary to the final paper.

Submit a detailed implementation plan of 4-5 pages that will describe your proposed solution for the implementation of the Network Security Plan for the organization.

This is the last and final section of the Key Assignment and should bring together all aspects of the implementation in one cohesive paper.

Revise the previous sections so that the entire plan flows and has a strong introduction and conclusion.

o Submit the final Key Assignment.

The final step in the planning phase is to review the plan to ensure that the Information Security Assurance Implementation Plan adequately addresses the requirements and that it is sufficiently detailed to allow the organization to move forward with the implementation phase based on your plan. This is also a good time to identify a model to ensure the development of secure Web-based and platform-based applications. In addition, you should identify methods to assess compliance with your plan.

For this assignment, you will add 3-4 pages describing a security-driven life cycle development model to prevent security holes for Web-based and platform-based applications, as well as methods to assess compliance with your plan and to assure the security of the organization's information. Finally, you will further refine the Information Security Assurance Implementation Plan to produce the final draft version. Updates may be based on peer and instructor feedback.

The project deliverables for Week 5 are as follows:

• Update the Information Security Assurance Implementation Plan title page with the new date.

• Update the previously completed sections based on the instructor's feedback.

• Assessment and Assurance

o Describe a security-driven life cycle development model to prevent security holes in applications for the organization.

o Describe methods that will be used to assess compliance with the implementation plan and policies outlined in your plan and to assure the security of the organization's information.

• Information Security Assurance Implementation Plan final draft

o Review the entire document for any changes and improvements that you would like to make.

o Ensure that this final version of the plan is sufficiently detailed to allow the organization to move forward with the implementation phase based on your plan.

o Any previous instructor feedback should be addressed with appropriate changes.

• Be sure to update your table of contents before submission.

Reference no: EM131396862

Questions Cloud

Discuss about the packet switched wan protocols : WAN Technologies Paper:Research Point-to-Point (dedicated), Packet Switched, and Circuit Switched WAN protocols/circuits/types. Define each protocol and describe at least two data transmission technologies associated with the protocol. Include t..
Second stage of the pipeline : 1. Prove that if the first stage of this pipeline, g, fails to be 1-1, then the entire pipeline, h can also not be 1-1. You can prove this directly or contrapositively. 2. Prove that if the second stage of the pipeline, f, fails to be onto, then th..
Using both the closed and open system analytical framework : Using both the closed and the open system analytical framework, specifically discuss the police department criminal justice component and Explain which system makes your chosen component more or less effective within the context of managing internal ..
Currently faced with sequestration : As a CFO/ Manager you are currently faced with Sequestration which is making you lose sleep. Unfortunately, you like to enjoy your sleep! The sequestration has compelled you to cut three program management positions because those programs are state a..
Develop a plan to implement the security controls-policies : The final step in developing the network security plan is to define how the plan that you have developed will be implemented within the organization. Implementing security controls and adding security devices can be a complex process that will aff..
Company core competencies-job core competencies : What is the difference between company core competencies, job core competencies, and trainer and HRM competencies? Are they the same or different? How can one build on the other?
Write code that will read queries from a sql file : CSC 553 Advanced Database Topics Assignment. Write code that will read queries from a .sql file (assume semicolon-separated queries), connect to MySQL database and run each query reporting the time it took
Information on job history using a chi square test : Researchers want to compare these results with information on job history using a chi-square test. What do you suggest they do first before performing a chi-square test?
What was the percentage discount : The original price of a computer was $1659, but Edgar bought it on sale for $981.30. What was the percentage discount?

Reviews

Write a Review

 

Management Information Sys Questions & Answers

  Show the html sample codebuilding a web page using

show the html sample codebuilding a web page using htmlpage-building software is a quick and easy way to design a web

  Analyze case study supporting mobile health clinics the

analyze case study supporting mobile health clinics the childrens health fund of new york city examine the case study

  Identify at least two e-commerce systems

Identify at least two e-Commerce systems that provide XML data integration. For each system, describe how XML extensions could enable e-Commerce integration among system stakeholders such as vendors, resellers, suppliers, and customers.

  Advantages of increased connectivity

Increased connectivity - advantages of increased connectivity

  Determine a critical element in the process

Determine a critical element in the process for implementing a health information management system, and specify the conditions under which this element would improve the implementation of the system.

  Using the research topic does the united states benefit

using the research topic does the united states benefit from the world trade organization?1. locate a related reference

  Supply chain explained1 an undisputable source of

supply chain explained1. an undisputable source of gathering competitive intelligence is competitors customers. what

  What is an enterprise resource planning system

What are the three most common ways in which the IT function can be placed within an organization?- What is an enterprise resource planning (ERP) system?

  Advancement in production technologyadvancement in

advancement in production technologyadvancement in production technologytechnology production linkages and womens

  Problems of cost estimates with information technology

The question related to Management Information System and it discuss about the problems of cost estimates with information technology. The problems have been discussed in the solution briefly

  What key persuasive techniques used in consumer advertising

What are the key persuasive techniques used in consumer advertising? Illustrate with specific examples, explaining how each technique works.

  Problems that project managers will face

Problems that project managers will face - Explain four problems that project managers will face in the coming decade.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd