Outline how the triple constraints can affect a project

Assignment Help Management Information Sys
Reference no: EM133671158

Homework: Cyber

Part I

Attention: Microsoft Project is RECOMMENDED for this task. Microsoft Project may be downloaded for free from the University (not available for MacBooks). The instructions for downloading MS Project may be found under "Course Resources" and "Student Success Guide". If you have problems with the instructions, contact Technical Support for assistance. Alternatively, the homework may be completed using Microsoft Excel by creating the GANTT chart in a worksheet (required for MacBook users).

Part A

Develop a 1- to 2-page matrix using the Homework Template that identifies 5-7 key components in creating a security portfolio.

Part B

One of the tools you will use in project management is Microsoft Project. As a CISO, you may not be the person who actively creates the project in Microsoft Project, but you will need to be aware of what this tool is used for in planning projects with regard to time, resources, and budget constraints.

Read the following scenario:

The CISO manages a portfolio for a company that operates in the emergency response sector. One of the projects in the portfolio is the establishment of an emergency response center starting from a single cold site so as to eventually establish a 30-station network.

Using the Gantt chart view in Microsoft Project, create a task list/work breakdown structure. Create one task "Stand up Cold Site." All other tasks are subtasks under this one. Using Project-Project Information, input the Start date as today's date for the Project (do not input any other dates for any tasks). Under this task, create subtasks with logical dependencies for the following:

1) Obtain physical site

2) Coordinate installation of power, communications, and temperature control

3) Install office furniture

4) Install computer hardware

5) Configure software

6) Restore data

7) Assign employees to the site

Add resources to subtasks as follows:

1) Do NOT enter durations, estimated times, constraints, due dates, etc.

2) Input only human resources. Use made-up personnel names and use names of departments or groups where it is reasonable (e.g., information system group, power installation group, system software installation group, security group, etc.).

3) Assign them to tasks.

4) Be sure to assign people to all tasks.

5) Do not worry about people who are over-assigned.

6) Do not assign percent of units, costs, hourly wages, etc.

Part II

Part A

You are a newly hired CISO for the largest student loan company in the United States. Recently, the company launched a new online lending self-service platform targeted at working adults worldwide.

The new platform replaces an out-of-date lending system based on emails for processing loan applications. The online platform will be hosted in a multi-tenant data center and managed by outsourced IT staff. However, the security will be monitored by your internal security team.

Recently, the project has been delayed because of unanswered security concerns about how the company will protect the financial information of job applicants and future students. Your boss has asked you to provide project management to get things get back on track.

Soon after joining the project team, you are asked by the board of directors to illustrate an information security program development model that will be used to secure the new online platform and to provide a project plan for future security assessment activities to measure the security effectiveness of the online platform. They also would like to know how you will categorize resource planning for security monitoring of the online platform so they can make a more informed decision on how best to invest into areas of the company to improve overall security.

Create a 16 slide Microsoft PowerPoint media-rich presentation that includes an introduction slide, conclusion slides , and references slides for the board of directors. Your presentation should:

1) Outline project management.

2) Describe how to use 3 key areas of an information security program development model of your choice.

3) Categorize resource planning for security monitoring of the online platform.

4) Identify the categories of resource planning, and illustrate how stakeholders, personnel, and technology will be used.

Part B

Using the Homework Template, create a 1 to 2 pages Security Assessment Plan worksheet for two activities. Explain how these activities will measure security effectiveness. In the space below the table, describe how you would implement this plan in Microsoft Project.

References and a "Cover Sheet" with your name on it are required for all homeworks.

Part III

Scenario: You have just successfully implemented an online platform at your company. The system has been in production for 6 months processing student loan applications and accepting credit card payments for books and course fees.

The IT director has been asked by the board of directors (BOD) to build a network operations center (NOC) to provide 24/7 support to customers and internal staff. The IT director begins assembling the team who will design and implement a NOC and asks you to lead the development of a security operations center (SOC) to handle security incidents that the organization may encounter. Since the internal security team already monitors security for the online loan processing platform, it's expected that developing a SOC is the next logistical step in maturing the security of the organization.

You are asked by the IT director to create a project charter and include a project scoping statement for the SOC project with a primary focus on how the SOC will comply with the various industry and government information security regulations. The IT director also points out that you need to outline how you plan to manage scheduling, cost, teams, and the quality of the project.

Part A

Using the Homework Template, complete a 2 to 3 pages project charter. Develop a clear and understandable project scoping statement as it relates to the scenario.

Part B

Write a 2 to 3 pages plan in which you:

1) Describe the purpose of a project charter.

2) Outline how the triple constraints can affect a project.

3) Identify at least 3 model project management phases and describe the purpose of each phase.

4) Select one approach to manage scheduling, cost, teams, and quality of a project specifying the use of Microsoft Project or another tool.

5) Propose how you plan to resolve personnel and teamwork issues as they arise.

Part IV

Scenario: As the CISO, you have overseen the security operations center (SOC) implementation and your team has successfully handled a variety of security incidents. The buzz around the company is that the new SOC is friendly and quick to solve incoming requests. However, the NOC implementation has slowed because of project delays and concerns about budget overrun.

One afternoon the chief financial officer (CFO) turned on her computer and opened an email from someone she knew. After she clicked a suspicious web link, the computer screen suddenly went dark then green text began to fill up the screen saying the computer files had been encrypted. The CFO called the help desk, and the SOC responded immediately.

You later learned that your CFO was attacked by a new ransomware attack named Petya. The next morning the CFO called you into her office to explain that the board of directors has called an emergency meeting for next week to discuss the impact of the cyberattack and to learn more about how the NOC and SOC are designed to protect the company and its customers from security incidents like ransomware. She has asked you to prepare for a meeting with the board.

Part A

Develop a 14 to 16 slides Microsoft PowerPoint presentation in which you:

1) Illustrate the information security portfolio hierarchy and the SOC functions that support the company's overall security program. The illustration should include at least three SOC functions.

2) Describe how security operations processes, policies, and procedures are integrated into SOC functions.

3) Explain how you will assess the security effectiveness of the SOC.

4) Describe how your approach could mitigate incidents like the Petya attack.

5) Illustrate the conflicting roles of security operations personnel in reporting audit findings, and offer a logical prediction of how the SOC plans to address these concerns given your current perspective.

Part B

Write a 2 to 3 pages handout for the meeting with the board of directors in which you:

1) Outline computer security incident response.

2) Explain the purpose of a security operations center and its staffing.

3) Describe at least three differences between security operations processes, policies, and procedures.

4) Select one approach to assessing the effectiveness of a security operations center.

5) Explain the possibility of conflicting roles of security operations personnel in reporting audit findings to raise awareness to senior management.

Reference no: EM133671158

Questions Cloud

Opening balance of provision for long service leave : Financial Information: On 1 April 2023, the opening balance of the provision for long service leave was $75,000. For the year ended 31 March 2024,
Type of brokerage firm recommended : Match typical clients with the type of brokerage firm recommended. Drag and drop application.
Which standard discusses the nursing scope of practice : which standard discusses the Nursing Scope of Practice and explain why the 'scope of practice' is important for nurses and or midwives working in the Australian
Tests of controls on substantive audit testing : Discuss the impact of tests of controls on substantive audit testing. What is the tradeoff between tests of controls and substantive audit testing?
Outline how the triple constraints can affect a project : Outline how the triple constraints can affect a project. Identify at least 3 model project management phases and describe the purpose of each phase.
Which divorce ground is most appropriate : Which divorce ground is most appropriate in this case? Can you include any other grounds in the initial Complaint?
Carrying value of each bond issue affected by amortization : How is the carrying value of each bond issue affected by the amortization?
Multinational company with multiple business segments : You work for multinational company with multiple business segments. Your manager explains that he believe fixed overhead should just be included in product cost
Which is estimated to bear same systematic risk : llex Ltd. Is planning to expand its business by investing in a new assembly line technology. The project,which is estimated to bear the same systematic risk.

Reviews

Write a Review

Management Information Sys Questions & Answers

  Information technology and the changing fabric

Illustrations of concepts from organizational structure, organizational power and politics and organizational culture.

  Case study: software-as-a-service goes mainstream

Explain the questions based on case study. case study - salesforce.com: software-as-a-service goes mainstream

  Research proposal on cloud computing

The usage and influence of outsourcing and cloud computing on Management Information Systems is the proposed topic of the research project.

  Host an e-commerce site for a small start-up company

This paper will help develop internet skills in commercial services for hosting an e-commerce site for a small start-up company.

  How are internet technologies affecting the structure

How are Internet technologies affecting the structure and work roles of modern organizations?

  Segregation of duties in the personal computing environment

Why is inadequate segregation of duties a problem in the personal computing environment?

  Social media strategy implementation and evaluation

Social media strategy implementation and evaluation

  Problems in the personal computing environment

What is the basic purpose behind segregation of duties a problem in the personal computing environment?

  Role of it/is in an organisation

Prepare a presentation on Information Systems and Organizational changes

  Perky pies

Information systems to adequately manage supply both up and down stream.

  Mark the equilibrium price and quantity

The demand schedule for computer chips.

  Visit and analyze the company-specific web-site

Visit and analyze the Company-specific web-site with respect to E-Commerce issues

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd