Project #63451 - Security Policy Implementation Security policy plan

Please make sure to do the following for project 1: 

- Carefully review the assignment description.  

- Please make sure to select an organization from the list provided on project 7 as follows: 

  - Department of Defense
  - Department of Homeland Security
  - General Dynamics Information Technology
  - JC Penney’s Corporate Office
  - University of Maryland
  - ITT Technical Institute
  - United States Marine Corps

You will create an organizational security plan policy using your assigned readings (pay close attention to Chapter 3 in Building an Effective Information Security Policy Architecture) as well as the Cybersecurity Framework (http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf) as a resource. Create a two- to three-page outline for an organizational security plan policy for securing the architecture of the organization's computer assets. You will use this outline to create a security plan security awareness policy in week 8. All critical elements in an organizational plan are to be covered for your plan based on the outline. Address each Enterprise subject area in Table 4: Initial Framework below. You will prepare an outline for use in preparing a policy based on these subject areas. Confidentiality, Integrity, and Availability will be thoroughly addressed for protection of the enterprise that you choose. Major security controls will be identified. Your outline will provide at least ten headings and list the subject areas with at least two sub-headings in outline format as:

1. Access controls
       a. Select …..
       b. Apply …..

To

10. Privacy
       a. Ensure confidentiality by compliance with HIPAA, ….
       b. Evaluate ….

Each heading and sub-heading will be in complete sentences that will define your plan to complete the plan for an effective enterprise policy.

Table 4: Initial Framework

 

Building an Effective Information Security Policy Architecture

By Sandy Bacik, Copyright Sandy Bacik © 2008, Publisher: CRC Press

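| Enterprise Area | ISO 17799 | SAS70 Type II | GLBA | PCI DSS | EU Privacy | CobIT | Common Criteria | Generally Accepted Privacy Principles | Generally Accepted Security Principles |
|---|---|---|---|---|---|---|---|---|---|
| Access Control | X | X | X | X | X | X | X | X | X |
| Application Development | X | X |  |  | X | X | X |  | X |
| Asset Management | X | X |  | X | X |  |  |  | X |
| Business Operations | X | X |  | X | X | X | X | X |  |
| Communications | X | X | X | X | X | X | X | X | X |
| Compliance | X | X | X | X | X | X |  |  |  |
| Corporate Governance | X |  |  |  | X | X |  |  |  |
| Customers | X | X | X | X | X | X |  | X | X |
| Incident Management | X | X | X | X | X | X | X | X | X |
| IT Operations | X | X | X | X | X | X | X | X | X |
| Outsourcing | X | X |  | X | X | X | X | X | X |
| Physical/Environmental | X | X |  |  |  |  | X |  | X |
| Policies & Procedures | X | X |  | X | X | X | X | X | X |
| Privacy | X | X | X | X | X |  |  | X |  |
| Security | X | X |  | X | X | X | X |  | X |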

Subject Computer
Due By (Pacific Time) 03/28/2015 02:00 pm
All Rights Reserved. Copyright by AceMyHW.com - Copyright Policy