User Account

All Pages

Describe specific plans and control objectives

Assignment Help Management Information Sys
Reference no: EM13892343

This assignment consists of five (5) parts:

Part 1: Organization Chart

Part 2: Request for Proposal (RFP) Plan

Part 3: Physical Security Plan

Part 4: Enterprise Information Security Compliance Program

Part 5: Risk Management Plan

Imagine that you have been recently promoted to serve as Chief Information Security Officer (CISO) for a Fortune 500 organization. This organization has known brand products across the world and expects top-secret methods for safeguarding proprietary information on its recipes and product lines. The Board of Directors request that their information security strategy be upgraded to allow greater opportunities of secure cloud collaboration between suppliers and resellers of their products. Another concern they have is the recent number of hacktivist attacks that have caused the network to fail across the enterprise. Their concern extends to making sure that they have controlled methods for accessing secured physical areas within their various regional facilities.

For your new position, you will be responsible for developing standards, methods, roles, and recommendations that will set the new IT security path for the organization. The existing organization has limited experience in supporting an enhanced level of IT security; therefore, you may need to outsource certain security services.

Additionally, you may create and / or assume all necessary assumptions needed for the completion of this assignment.

Write an eight to twelve (8-12) page paper in which you provide the following deliverables:

Part 1: Organization Chart

1. Use Visio or an Open Source alternative, such as Dia, to:

a. Create an organization chart in which you:

i. Illustrate the roles that will be required to ensure design, evaluation, implementation, and management of security programs
for the organization.

ii. Within your organizational chart, clearly identify the reporting structure for roles such as IT Security Compliance Officer, Security Manager, CIO, CISO, IT Security Engineer, Privacy Security Professional, and IT Procurement Specialist.

iii. List the types of resources required to fulfill the each forensic duty of the organization below each of the roles you identified.

iv. Align your organization chart to reflect the Department of Homeland Security (DHS) Essential Body of Knowledge's three (3) areas of information security: physical security professional, privacy professional, and procurement professional. Provide comments and comparisons on how your organizational chart fosters these three (3) values.

Part 2: Request for Proposal (RFP) Plan

2. Develop a Request for Proposal (RFP) plan to solicit qualified vendors that could partner with your internal team to deliver optimum IT service delivery. The RFP Plan should contain qualifying criteria of potential vendors and the responsibilities of the vendor once  the contract is awarded. As part of the plan, you must:

a. Describe at least two (2) perspectives that need to be closely monitored within the contract.

b. Give your perspective on at least two (2) methods that could be used to evaluate and develop a qualified trusted supplier list.

Part 3: Physical Security Plan

3. Recommend a physical security plan that could be used to protect sensitive areas such as telecom rooms, employee only areas, and manufacturing facilities in which you:

a. Include at least three (3) specific methods.

Part 4: Enterprise Information Security Compliance Program

4. Establish an enterprise information security compliance program that addresses the concerns of the board of directors of the  organization in which you:

a. Describe specific plans and control objectives that could be adopted to address the known issues.

b. Suggest at least three (3) information security policies that could be developed and practiced within the organization for data security assurance.

c. Outline the steps you would take to define the security needs of the organization in terms of duties, staffing, training, and processes.

Part 5: Risk Management Plan

5. Develop a risk management plan in which you:

a. Describe at least three (3) possible risk management efforts that could be used to assess threats and unknown issues.

b. Determine why defining priorities is an important part of the process when enumerating and having efficient risk control measures.

c. Suggest specific technical and management controls that could be enacted in order to monitor risks accurately.

6. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Reference no: EM13892343

Questions Cloud

Explain why increase from last quarter to current quarter : Analysis of the key business forms and the key expenses it can be said that the decision taken has been taken considering each and every item of expenses and that there is proper control over the expenses and the overall management of the expenses..
What evidence-based strategies would you use? : What evidence-based strategies would you use?
What difference in pressure between inside and outside air : What is the difference in pressure between the inside and outside air? Assume the air flow to be laminar (non-turbulent) and non-viscous. The density of air is 1.30 kg/m3.
What is total rate of return on security a over the interval : Calculate the rate of capital gain (or loss) over the interval from time t-1 to time t. Over that interval, what is the dividend yield? What is the total rate of return on Security A over the interval from time t-1 to time t?
Describe specific plans and control objectives : Establish an enterprise information security compliance program that addresses the concerns of the board of directors of the  organization in which you: Describe specific plans and control objectives that could be adopted to address the known issue..
Information collected through online forms : Name three ways online advertising networks have improved on, or added to, traditional offline marketing techniques. Explain how behavioral targeting is supposed to benefit both consumers and businesses. How does information collected through online ..
Calculate the rate of return on the portfolio for january : Suppose the investor had constructed his portfolio by taking a short position in Security H equal to 20% of his initial funds. Calculate the rate of return on the portfolio for January.
Terms of emerging threats from disruptive technologies : Where has Microsoft been effective in addressing challenges from disruptive business models? If you were a high-level consultant to senior leadership at Microsoft, what recommendations would you offer in terms of emerging threats from disruptive t..
What could be a potential problem when trying to reach goal : What could be a potential problem when trying to reach that goal?

Reviews

Write a Review

Management Information Sys Questions & Answers

  Information technology and the changing fabric

Illustrations of concepts from organizational structure, organizational power and politics and organizational culture.

  Case study: software-as-a-service goes mainstream

Explain the questions based on case study. case study - salesforce.com: software-as-a-service goes mainstream

  Research proposal on cloud computing

The usage and influence of outsourcing and cloud computing on Management Information Systems is the proposed topic of the research project.

  Host an e-commerce site for a small start-up company

This paper will help develop internet skills in commercial services for hosting an e-commerce site for a small start-up company.

  How are internet technologies affecting the structure

How are Internet technologies affecting the structure and work roles of modern organizations?

  Segregation of duties in the personal computing environment

Why is inadequate segregation of duties a problem in the personal computing environment?

  Social media strategy implementation and evaluation

Social media strategy implementation and evaluation

  Problems in the personal computing environment

What is the basic purpose behind segregation of duties a problem in the personal computing environment?

  Role of it/is in an organisation

Prepare a presentation on Information Systems and Organizational changes

  Perky pies

Information systems to adequately manage supply both up and down stream.

  Mark the equilibrium price and quantity

The demand schedule for computer chips.

  Visit and analyze the company-specific web-site

Visit and analyze the Company-specific web-site with respect to E-Commerce issues

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd