Security Management Document

 

Although an actual plan is not feasible, each week will constitute portions of an overall Security Management Document that could be implemented.
Throughout this course, you will be working with a scenario in which some basic background information is provided about a consulting firm. This scenario and information is typical in many companies today. You are tasked to select a company that you are familiar with that is facing a similar situation. The company can be real or fictitious, but the framework and problems that it faces should be similar. The assignments that you complete each week are based on the problems and potential solutions that similar companies may face. The end goal for these assignments is to analyze the problems that the company faces with respect to the upcoming audit, and provide guidance on how it can provide security for its infrastructure.
The case study shows a company that is growing, and its security posture needs to be updated based on this growth. Based on the recent initial public offering (IPO), the company has new regulatory requirements that it must meet. To meet these requirements, a review of the current security must be conducted. This provides a chance to review the current security mechanisms and analyze the threats that the company could face. In addition, the company needs to expand its current network infrastructure to allow employees to work more efficiently, but in a secure environment. What problems does the company currently face, and how does the expansion pose new threats?
Choose and describe the company that you will use in the scenario. Describe the need for information security, what potential issues and issues risks exist, and what benefits the company can gain from the new project. Describe what new challenges exist with the new project to allow consultants to work on-site. What challenges now apply to the company with respect to the recent IPO?
The template document should follow this format:
• Security Management Document shell
o Use Word
o Title page
 Course number and name
 Project name
 Your name
 Date
o Table of Contents (TOC)
 Use an autogenerated TOC.
 This should be on a separate page.
 This should be a maximum of 3 levels deep.
 Be sure to update the fields of the TOC so that it is up-to-date before submitting your project.
o Section Headings (create each heading on a new page with “TBD” as content, except for Week 1)
 Week 1: Introduction to Information Security
 This section will describe the organization and establish the security model that it will use.
 Week 2: Security Assessment
 This section will focus on risks that are faced by organizations and how to deal with or safeguard against them.
 Week 3: Access Controls and Security Mechanisms
 This section examines how to control access and implement sound security controls to ensure restricted access to data.
 Week 4: Security Policies, Procedures, and Regulatory Compliance
 This section will focus on the protection of data and regulatory requirements that the company needs to implement.
 Week 5: Network Security
 This section combines all of the previous sections and gives the opportunity to examine the security mechanisms that are needed at the network level.
Create the following section for Week 1:
• Week 1: Introduction to Information Security
o Choose and describe the company that you will use in this scenario.
o Describe the need for information security, what potential risks or issues exist, and what benefits the company can gain from the new project.
o Describe what new challenges exist with the new project to allow consultants to work on-site.
o What challenges now apply to the company with the recent IPO taking place?
• Section 1 should be 2–3 pages long.
• Name the document “CS651_FirstnameLastname_IP1.doc.”

 

This question has been answered.

Get Answer