Developing system security plans using guidance

Assignment Help Computer Engineering

Reference no: EM133550260

Question: A recent risk assessment highlighted the need for Red Clay to formalize the security measures required to protect information, information systems, and the information infrastructures for the company's headquarters and field offices. The CISO has proposed a plan of action which includes developing system security plans using guidance from NIST SP-800-18 Guide for Developing Security Plans for Federal Information Systems.

The CISO asked you to prepare a two page, draft briefing paper (5-7 paragraphs) for the IT Governance Board and Red Clay Renovations Board of Directors that introduces Security Control Classes and Security Control Families related to Red Clay risks. This audience is familiar with financial controls but has not yet been introduced to the use of controls in the context of IT security. You should leverage their knowledge in your explanations of the control classes and families. If necessary, research "financial controls" as well as IT security controls before writing this briefing paper.

Your draft briefing paper should include the following items:

An introduction telling the IT Governance Board and the Red Clay Board of Directors the purpose of the draft briefing paper.
A description of each control class (managerial, operation, and technical). THEN, write a descriptive paragraph explaining how three these specific control classes will work together to protect the Red Clay Renovations IT Infrastructure for the Wilmington, DE Offices (Headquarters).
From the below table, choose one family control from each of the management, operational, and technical control classes.
Write a description of each family control, THEN write a descriptive paragraph explaining how each family control will work to protect Red Clay's IT infrastructure.
Select two sub-family controls (i.e., AC1 and AC6) from each family control. THEN, write a descriptive example of how this sub-family-control will protect the Red Clay infrastructure. Your examples should relate to the Red Clay case study.

Reference no: EM133550260

Questions Cloud

Discuss what you think should be included in network access : Based on your own knowledge and experience discuss what you think should be included in Network Access Policy? Should users be allowed to bring

Explain how leeuwenhoek observations and linnaeus : Explain how Leeuwenhoek's observations and Linnaeus's classification scheme led to the beginnings of microbiology. Compare and contrast prokaryotes

Which factors are most important in understanding diagnosis : Which factors are most important in understanding Baruti's cardiovascular disease diagnosis (for example, age, genetic predisposition, access to healthcare)?

Determining ancestry further back than a few generations : How good are tests and determining ancestry further back than a few generations? If your test determines you are 17% Irish and 35%

Developing system security plans using guidance : Developing system security plans using guidance from NIST SP-800-18 Guide for Developing Security Plans for Federal Information Systems

Explain actions purpose and benefits of this borrowing move : Provide a situation where the government may decide to borrow money. Explain this action's purpose and the benefits of this borrowing move.

Complete a? cause-and-effect diagram to reflect : Complete a? cause-and-effect diagram to reflect? "student dissatisfied with university registration? process." LOADING... Click the icon to view the partially

Identify how personal experience or interests shaped : Identify your chosen topic and what you know about it thus far. Identify how personal experience or interests shaped your choice of this topic over the other

Maximize business model through internet of things : Uses digital marketing, to optimize interactions between people and the business using social media, cloud, mobility and data only

User Account

All Pages