Security Management

Throughout this course, you will be working on several aspects of security management that will result in a Comprehensive Security Management Plan for an organization of your choosing. This plan will allow you to assess the security concerns of your organization and propose needs and changes. The Comprehensive Security Management Plan will introduce methodologies that can be applied to enterprise security design. Each week, you will complete a part of the Comprehensive Security Management Plan, and the final draft will be due at the end of the course. This is the course Key Assignment that you will make contributions to each week.

Project Selection

The first step will be to select a real or hypothetical organization as the target for your Comprehensive Security Management Plan document. This organization will be used as the basis for each of the assignments throughout the course and should conform to the following guidelines:

  • Nontrivial: The selected organization should be large enough to allow reasonable exercise of the security management analysis and planning processes.
  • Domain knowledge: You should be familiar enough with the organization to allow focus on the project tasks without requiring significant time for domain education.
  • Accessibility: You should have good access to the people and other information that is related to the organization because this will be an important part of the process.
  • The selected organization may already have security management in place, but it may still be used as the basis for the projects in this course.
  • The selected organization must have a need for some kind of security management as part of its operations.
    • Feel free to identify a hypothetical organization that meets the requirements.
    • You may make any necessary assumptions to fulfill the requirements of organization selection.

Select an existing organization or identify a hypothetical organization that fits these requirements, and submit your proposal to your instructor before proceeding further with the assignments in the course. Approval should be sought within the first several days of the course through an e-mail proposal to your instructor.

Assignment

The first task in this process will be to select an organization or identify a hypothetical organization to use as the basis of the projects. Next, you will create the shell document for the final project deliverable that will be worked on during each unit. While you proceed through each project phase, content will be added for each section of the document to gradually complete the final project. Appropriate research should be conducted to support the development of the document, and assumptions may be made.

For the first phase of the Comprehensive Security Management Plan document, you will create an enterprise organizational chart in the first document section. A proposed security working group (WG) organization and its ties to the enterprise will be added. Finally, include a 1-page discussion of the flow of information, decision-making communication, and responsibilities of the chief security officer (CSO). Create the skeleton for the Comprehensive Security Management Plan as follows:

  • Use Word
  • Title Page
    • Course number and name
    • Project name
    • Your name
    • Date
  • Table of Contents (TOC)
    • Use an auto-generated TOC.
    • This must be on a separate page.
    • This must be a maximum of 3 levels deep.
    • Be sure to update the fields of the TOC before submitting your project.
  • Section Headings (Create each heading on a new page with “TBD” as content, except for the sections that are listed under “New Content.”)
    • Project Outline (Week 1)
    • Security Requirements (Week 1)
    • Security Business Requirements (Week 2)
    • Security Policy (Week 3)
    • System Design Principles (Week 4)
    • The Training Module (Week 5)
  • References

The following are the project deliverables for Week 1:

  • New Content
    • Project Outline and Security Requirements
      • Include a brief description of the real or hypothetical organization in which the Comprehensive Security Management Plan will be implemented.
        • Include the company’s size, location(s), and other pertinent information.
    • Initial Security Projects
      • Corporate organizational chart
      • WG structure and ties added to corporate organizational chart
      • Memo discussing communication flows with WG
  • Name the document “yourname__IP1.doc.”

Please submit your assignment.

For assistance with your assignment, please use your text, Web resources, and all course materials.

find the cost of your paper