User Account

All Pages

Create a component of an information security plan

Assignment Help Other Subject
Reference no: EM131702252

Assignment

Discussion: Potential Risks (1 or less 1 page)

Your organization is considering a new project that would involve developing a Human Resource Management System. The proposed system would allow employees to access and maintain their personal and tax-related information. The main benefits of the system would be a reduction in human resources personnel and more accurate information.

Identify five potential risks for this project. Make sure that you list both positive and negative risks. Provide a detailed description of each risk and propose strategies for addressing each risk

Assignment: Course Project 1: Risk Management Plan (two page)

As you learn about information security, it is important that you put what you learn to practice. An information security manager should be able to put together an information security plan. The information security plan establishes and states the policies governing IT standards and practices. These policies define the organization's objectives for managing operations and controlling activities, and represent the plans or protocols for achieving and maintaining internal control over information systems as well as compliance with the requirements imposed. In general, an information security plan covers several security areas such as access control, security policies, risk management, business continuity, etc.

Starting with this module, and for the next few modules, you will create a component of an information security plan each week. At the end of this project, you will combine those components to create your completed information security plan. The plan is:

• Module 3: Risk Management Plan
• Module 4: Security Policy Plan
• Module 5: Access Control Policy
• Module 7: Physical Security Policy
• Module 8: Implementation Plan and Complete Information Security Plan

You are expected to use the assigned text and conduct research to be able to respond effectively to your weekly deliverables. You may use the Information Security Plan Template (.docx) to assist with completing each component of the plan. Additionally, separate templates will be provided for each component.

You will create a Risk Management Plan based on the following case:

You are an information systems security manager in a small airport and you were asked to conduct a security threat risk assessment for the airport's web site and applications' infrastructure. The airport has apparent weaknesses in its system of controls. Your predecessor did not have a security management plan in place because he was not sure which threats to address and in what order because he did not have a good handle on the information systems assets nor their value. You were asked to create a Security Threat Risk Assessment Plan. Use the Risk Management Template (.docx) to create your Risk Management Plan. The template is already populated with a lot of information to help you. Modify the template as appropriate for your project. Make sure to include the following in your plan:

1. A list of assets and their values. Describe the assets within the scope of your assessment. (Asset, category, value, controls in place, etc.). Your table should include at minimum 6 assets.

2. A Threat Assessment Table (Assets/Likelihood/Gravity)

3. Recommendations based on your findings. (High Risk Areas)

Assignment: Course Project 2: Security Policy (two page)

In the last module, you started working on your project by producing a risk management plan as part of your security plan for this course. In this module, you will produce another key component of your security plan, the security policy plan.

Again, using the airport case we have established in module three, using what you have learned in this module, and using the Web for examples of technology-specific security policies, create a security policy applicable to your airport project. You can use the Information Security Policy Template (.docx) as a guide or modify it as applicable to write your Security Policy plan.

Assignment: Course Project 3: Access Control Policy

In this module, you will produce another key component of your security plan, the Access Control Policy.

Using the airport case we have established in module three, using what you have learned in this module, and using the Web for examples of Access Control Policies, create an Access Control Policy applicable to your airport project. You may use the Access Control Template (.docx) as a guide or modify it as applicable to write your Access Control Policy.

Assignment: Course Project 4: Physical Security Policy(two page)

In this module, you will produce another key component of your security plan, the Physical Security Policy.

Using the airport case we have established in module three, using what you have learned in this module, and using the Web for examples of Physical Security Policies, create a Physical Security Policy applicable to your airport project. You may use the Physical Access Policy template (.docx) as a guide or modify it as applicable to write your Physical Security Policy.

Assignment: Course Project 5 ( two page)

In this module, you will complete your Security Implementation Plan and Compile all components from previous modules to create your completed Information Security Plan.

Using the airport case we have established in module three, using what you have learned in this module, and using the Web for examples of Security Implementation Plans, create a Security Implementation plan applicable to your airport project. You may use the Implementation Plan Template 1 (.docx) and Template 2 (.docx) as a guide or modify them as applicable to write your Security Implementation Plan.

Once you have completed the Implementation Plan, combine the following elements to create your completed Information Security Plan:

• Module 3: Risk Management Plan
• Module 4: Security Policy Plan
• Module 5: Access Control Policy
• Module 7: Physical Security Policy
• Module 8: Implementation Plan.

Reference no: EM131702252

Questions Cloud

Needed in the program planning process : What are the different types of objectives that are needed in the program planning process?
Write a paper about national environmental policy act : Write a paper about National Environmental Policy Act. Your two-page report should include but not be limited to covering the key points: Current Status.
Participate in e-commerce : Why would a company choose not to participate in e-commerce? What IT-based issues might prevent an organization from adopting e-commerce?
How many blocks of main memory are there : What is the format of a memory address as seen by the cache, i.e., what are the sizes of the tag, block, and offset ?elds?
Create a component of an information security plan : Starting with this module, and for the next few modules, you will create a component of an information security plan each week.
Discuss organizations in the transformation process : A strategy of embracing the past will probably become increasingly ineffective over the next few decades. Better for most of us to start learning now
Protect assets and prevent unauthorized access : Strong passwords are necessary to protect assets and prevent unauthorized access. In your own words, describe the 4 components of enforcing password strength.
Promotional and sales activities for the new station : A popular disc jockey signed a three-year contract with a radio station under which she agreed that if she quit her job at the station.
Massive parallel processing systems : The next generation computers will permit you to speak commands to massive parallel processing systems?

Reviews

Write a Review

Other Subject Questions & Answers

  Character of innate human nature

Below are the five variants Kluckhohn and Strodtbeck (1982) listed as universally significant. Would you add or subtract anything if you had the chance? 1. The character of innate human nature (human nature orientation)

  Cross-cultural studies of human sexual desire

Cross-cultural studies of human sexual desire have revealed that.

  Using only the materials provided in the course discuss

1.using only the materials provided in the course discuss three factors that a court will use in determining whether to

  Residents registered as republicans

A friend of yours tells you that the district in which she lives has 85% of its residents registered as Republicans and that Republicans always win the House elect ion from her district. This is an example of a

  Describe one personal real-life example of an occurrence

Consider the events from the past week of your life. How does expertise, or the perception of it, affect our behaviors, actions, and knowledge development?

  Calculate the average inflation that a college student faced

Calculate the average inflation that a college student faced for 2012-2015. The inflation rate for tuition times its weight plus the inflation rate for coffee times its weight plus etc.

  The national association of school nurses (nasn)

Considering the role of healthcare managers and administrators in organizing and building for community health, do you agree with the NASN approach? Why or why not?

  What can we tell about the purpose of girl

Write an essay of approximately 800-100 words on the following topic: What can we tell about the purpose of "Girl" by jamaica kincaid from her choice of format and language in the story

  Analyze the specific actions that the leadership has taken

Analyze the specific actions that the leadership of the selected country has taken, through the use of its foreign aid from donor nations

  Explain and evaluate rene descartes argument for knowledge

Explain and evaluate Rene Descartes argument for knowledge including the role of skepticism, the evil demon, and god in resolving his doubts. Explain and evaluate Thomas Hobbes view that all objects are material, including thoughts, feelings and ide..

  What does the term physiological density as applied to

1. what does the term physiological density as applied to human population mean?2. even though older populations are

  Radical innovation or an incremental innovation

In the Honda case, are c a radical innovation or an incremental innovation? Are they competence enhancing or competence destroying, and from whose perspective? How would you answer these questions for fuel-cell vehicles?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd