User Account

All Pages

Describe specific plans and control objectives

Assignment Help Management Information Sys
Reference no: EM13892343

This assignment consists of five (5) parts:

Part 1: Organization Chart

Part 2: Request for Proposal (RFP) Plan

Part 3: Physical Security Plan

Part 4: Enterprise Information Security Compliance Program

Part 5: Risk Management Plan

Imagine that you have been recently promoted to serve as Chief Information Security Officer (CISO) for a Fortune 500 organization. This organization has known brand products across the world and expects top-secret methods for safeguarding proprietary information on its recipes and product lines. The Board of Directors request that their information security strategy be upgraded to allow greater opportunities of secure cloud collaboration between suppliers and resellers of their products. Another concern they have is the recent number of hacktivist attacks that have caused the network to fail across the enterprise. Their concern extends to making sure that they have controlled methods for accessing secured physical areas within their various regional facilities.

For your new position, you will be responsible for developing standards, methods, roles, and recommendations that will set the new IT security path for the organization. The existing organization has limited experience in supporting an enhanced level of IT security; therefore, you may need to outsource certain security services.

Additionally, you may create and / or assume all necessary assumptions needed for the completion of this assignment.

Write an eight to twelve (8-12) page paper in which you provide the following deliverables:

Part 1: Organization Chart

1. Use Visio or an Open Source alternative, such as Dia, to:

a. Create an organization chart in which you:

i. Illustrate the roles that will be required to ensure design, evaluation, implementation, and management of security programs
for the organization.

ii. Within your organizational chart, clearly identify the reporting structure for roles such as IT Security Compliance Officer, Security Manager, CIO, CISO, IT Security Engineer, Privacy Security Professional, and IT Procurement Specialist.

iii. List the types of resources required to fulfill the each forensic duty of the organization below each of the roles you identified.

iv. Align your organization chart to reflect the Department of Homeland Security (DHS) Essential Body of Knowledge's three (3) areas of information security: physical security professional, privacy professional, and procurement professional. Provide comments and comparisons on how your organizational chart fosters these three (3) values.

Part 2: Request for Proposal (RFP) Plan

2. Develop a Request for Proposal (RFP) plan to solicit qualified vendors that could partner with your internal team to deliver optimum IT service delivery. The RFP Plan should contain qualifying criteria of potential vendors and the responsibilities of the vendor once  the contract is awarded. As part of the plan, you must:

a. Describe at least two (2) perspectives that need to be closely monitored within the contract.

b. Give your perspective on at least two (2) methods that could be used to evaluate and develop a qualified trusted supplier list.

Part 3: Physical Security Plan

3. Recommend a physical security plan that could be used to protect sensitive areas such as telecom rooms, employee only areas, and manufacturing facilities in which you:

a. Include at least three (3) specific methods.

Part 4: Enterprise Information Security Compliance Program

4. Establish an enterprise information security compliance program that addresses the concerns of the board of directors of the  organization in which you:

a. Describe specific plans and control objectives that could be adopted to address the known issues.

b. Suggest at least three (3) information security policies that could be developed and practiced within the organization for data security assurance.

c. Outline the steps you would take to define the security needs of the organization in terms of duties, staffing, training, and processes.

Part 5: Risk Management Plan

5. Develop a risk management plan in which you:

a. Describe at least three (3) possible risk management efforts that could be used to assess threats and unknown issues.

b. Determine why defining priorities is an important part of the process when enumerating and having efficient risk control measures.

c. Suggest specific technical and management controls that could be enacted in order to monitor risks accurately.

6. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Reference no: EM13892343

Questions Cloud

Explain why increase from last quarter to current quarter : Analysis of the key business forms and the key expenses it can be said that the decision taken has been taken considering each and every item of expenses and that there is proper control over the expenses and the overall management of the expenses..
What evidence-based strategies would you use? : What evidence-based strategies would you use?
What difference in pressure between inside and outside air : What is the difference in pressure between the inside and outside air? Assume the air flow to be laminar (non-turbulent) and non-viscous. The density of air is 1.30 kg/m3.
What is total rate of return on security a over the interval : Calculate the rate of capital gain (or loss) over the interval from time t-1 to time t. Over that interval, what is the dividend yield? What is the total rate of return on Security A over the interval from time t-1 to time t?
Describe specific plans and control objectives : Establish an enterprise information security compliance program that addresses the concerns of the board of directors of the  organization in which you: Describe specific plans and control objectives that could be adopted to address the known issue..
Information collected through online forms : Name three ways online advertising networks have improved on, or added to, traditional offline marketing techniques. Explain how behavioral targeting is supposed to benefit both consumers and businesses. How does information collected through online ..
Calculate the rate of return on the portfolio for january : Suppose the investor had constructed his portfolio by taking a short position in Security H equal to 20% of his initial funds. Calculate the rate of return on the portfolio for January.
Terms of emerging threats from disruptive technologies : Where has Microsoft been effective in addressing challenges from disruptive business models? If you were a high-level consultant to senior leadership at Microsoft, what recommendations would you offer in terms of emerging threats from disruptive t..
What could be a potential problem when trying to reach goal : What could be a potential problem when trying to reach that goal?

Reviews

Write a Review

Management Information Sys Questions & Answers

  Company cost of preferred stock

If the company were to sell a new preferred issue, it would incur a flotation cost of 5.00% of the price paid by investors. What is the company's cost of preferred stock?

  Supply and demand explained in this solution

Supply and demand explained in this solution - Which supply and demand hedging strategies (commodities futures, vertical/horizontal integration, etc.) would be the most appropriate to meet your customer requirements, based on the country's specific..

  How does netflix''s business model work

How does Netflix's business model work to coordinate incentives across its supply chain. Give specific examples. Think about the use of prepaid postage, easy online ordering, no late fees, etc

  Hierarchical tree

Write a two-and-a-half-page report briefly describing SNMP and its commands and describing MIB-1/MIB-2, including the hierarchical tree, object identifier (OID), groups, and object types

  Risk factors of global communications

Risk Factors of Global Communications - The purpose of this analysis is to discuss the possible outcomes of entering into strategic alliances with potential overseas competitors, and evaluate the risks inherent with these options.

  As the companys product manager your boss the marketing

as the companys product manager your boss the marketing manager is concerned about the future success or viability of

  Develop a requirements traceability matrix

Discuss the need for requirements verification and validation, develop a requirements traceability matrix that depicts how requirements are satisfied throughout the software development lifecycle, and conduct requirements reviews

  Describe about supply chain managment

Explain your approach to effecting a win-win negotiation with a potential long-term supplier for a specific product or service.

  It is common practice to categorize computers into groups

it is common practice to categorize computers into groups such as personal computers network servers network computers

  Show the impact of information systems

Show the impact of information systems/technology on automobile industry. Focus on Ford Motor Company and give recommendations on how to improve there information technology

  Collaborative and individual writing processes

Collaborative and Individual Writing Processes and disadvantages of the collaborative writing process in 200 to 300 words. In what situations might an individual writing process be preferable?

  Planning or using a new systemhave you been involved in

planning or using a new systemhave you been involved in either planning or using a new system? discuss your experience.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd