You are a newly appointed security officer (SO). The chief information security officer (CISO) has given you 60 days to deliver a security policy plan to address the organizational growth that the company is anticipating. Note: You may create or make all necessary assumptions needed for the completion of this assignment.
Use the Internet to research the process that leads to the identification of security needs in an organization. Also, research an organization with a security policy in place, and review how this organization laid down the foundation for its security policy. Review the business requirements for the security project plan. You will be asked to describe the detailed project, including the scope of the project; possible security risks, constraints, and assumptions; integration with other systems and infrastructure; and relevant terms that were used throughout the security project.
Write a 3–4 page paper in which you:
Explain the process that leads to the identification of security needs and how those needs lay down a foundation for a policy.
Describe the details regarding the type of business in which the company you researched is engaged.
Provide a description about the current system requirements activities within the organization you researched.
Describe the types of data that the company you researched collects to support the business. The description should include the following:
Operational systems.
Analytics and interfaces.
Infrastructure and security.