Why should every state in the nation have an IT security policy

Reference no: EM133781134

Assignment: Cybersecurity in Government

Project: Compare / Contrast Two State Government IT Security Policies

For this research-based report, you will perform a comparative analysis that examines the strengths and weaknesses of two existing IT Security Policies published by state governments for their operating departments and agencies (agencies and offices of the executive branch under the leadership of the state governors). (You will select two policies from the table under Research > Item #1.)

Your specific focus for this analysis will be how these state-issued policies guide the implementation of (i) Risk Analysis (aligned with NIST SP 800-30 and SP 800-37) and (ii) System Authorization processes aligned with the 7 domains of the Certified Authorization Professional certification.

Your analysis must include consideration of best practices and other recommendations for improving cybersecurity for state government information technology operations (i.e. those operated by or for state agencies and offices). Your paper should also address the question: why should every state in the nation have a comprehensive IT security policy for state agencies and offices that implements risk assessment processes and system authorization processes to reduce and mitigate risk?

Read / Review:

I. Review the 7 domains of the Certified Authorization Professional (in the course textbook):

i. Information Security Risk Management Program
ii. Scope of the Information System
iii. Selection and Approval of Security and Privacy Controls
iv. Implementation of Security and Privacy Controls
v. Assessment/Audit of Security and Privacy Controls
vi. Authorization/Approval of Information System
vii. Continuous Monitoring

II. Review the NIST best practices guidance in NIST SP 800-30 and NIST SP 800-37 (read chapters 1 & 2 in each document).

Research:

I. Select two state government IT Security Policies from the list below.

State

Illinois
Massachusetts
Michigan
Minnesota
Nebraska
North Carolina
Oklahoma
South Dakota
Virginia

II. Download and review your selected state governments' IT Security Policy documents. If the IT Security policy document refers to a separate System Authorization Policy, download and then include that supporting document in your review and analysis for this project.

III. Analyze the System Authorization processes listed in the two IT Security Policy documents.

a. How well do these align with the best practices listed in the CAP Certification Body of Knowledge?
b. How well do the Risk Assessment processes align with guidance provided in NIST SP 800-30 and NIST SP 800-37?

IV. Continue your analysis from step III and use it to compare the System Authorization activities listed in the state IT security policies.

a. Develop five or more points that are common across the two documents. (Similarities)
b. Identify and review at least three unique items in each document. (Differences)

V. Research best practices for IT Security and/or IT Security Policies for state governments.

VI. Using your research and your comparison of the two policy documents, develop an answer to the question: Why should every state government have an IT security policy for state agencies and offices under the state's executive branch? Make sure that you address: (i) leadership, (ii) compliance with laws and regulations, and (iii) best practices for good government (especially with respect to cybersecurity practices).

Task

Write a five- to eight-page research-based report in which you summarize your research and discuss the similarities and differences between the two IT security policy documents. You should focus upon clarity and conciseness more than length when determining what content to include in your paper. At a minimum, your report must include the following:

I. An introduction or overview of IT Security Policies for the executive branch of state governments (covering state agencies and offices in the executive branch including the governor's office). Explain the purpose of an IT security policy and how states use security policies. Answer the question: why should every state in the nation have a comprehensive IT security policy for state agencies and offices? (Make sure that you address the importance of such strategies to small, resource-poor states as well as to large or wealthy states.)

II. A separate section in which you provide and discuss five or more specific examples of the common principles and policy sections/statements (similarities) found in both IT security policy documents.

III. A separate section in which you discuss the unique aspects of the first state's IT security policy document. Provide five or more specific principles or guidelines or other content that is unique to the policy document.

IV. A separate section in which you discuss the unique aspects of the second state's IT security policy document. Provide five or more specific principles or guidelines or other content that is unique to the policy document.

V. A section in which you discuss your evaluation of which state government has the better of the two IT security policy documents. You should also present five or more best practice recommendations for improvements for both IT security policy documents. (Note: you may have different recommendations for the individual policies depending upon the characteristics of each document.)

VI. A summary section in which you address the need for IT Security Policies at the state government level. Provide a convincing answer to the question: why should every state in the nation have a comprehensive IT security policy for state agencies and offices? Make sure that you address: (i) leadership, (ii) compliance with laws and regulations, and (iii) best practices for good government.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd