You will be creating subsidiary management plans of a Project Management Plan using the information found in the case study provided (attached). Please, for this assignment, do not take "Assessment….
This assignment is intended to be a simulation of the operations of an Information Technology department at a business, I’ve chosen a business, (Company Name: Seattle <link is hidden> Primary product and service is <link is hidden> and voice activation/ recognition like Amazon Alexa. Company size (Number of employees : 50)
My role is a Chief Information Security Officer (CISO)
This role means this person is responsible for making sure the company’s information is secure. This sounds like the role of the CPO but is different, even though the two work closely together and will have overlapping goals and tasks.
Who Should Take This:
A person who is interested in network security and personal technological security. This is closely related to the CPO but more concerned with the security measures that can be taken rather than the consequences of personal data breaches or protecting the privacy of an employee. The CISO is the guy who likes reading about hackers, new viruses on the market and curious about how to protect from them.
Long-Term Responsibilities (Quarter Reports):
Privacy and Security Education Plan: This report is done collaboratively with the Chief Privacy Officer. You will also be responsible for developing a plan of educating the employees about how to be secure with their data, outlining the important aspects you will educate them on (phishing, etc.) and then explaining how it would be implemented. This will be part of the education that they will receive on who to protect their privacy. Only one report needs to be submitted between the CISO and CPO.
Security Breach Contingency Plan: You will create a document detailing a plan in case of a security breach in the company. This will involve finding a security breach that exists on the internet, researching it and how it happened and then providing details on technological changes that can be done to avoid such a thing in the future. The consequences of the security breach should be discussed as well as the cost listed for possible improvements to avoid it in the future. Estimates are allowed but researched numbers are expected.
Accessibility Report: You will provide a document showing the hierarchy of access of information and what technology will be used to maintain the limits in accessibility. This will be done in collaboration with the CPO.
Development Scenario Responsibilities:
Security Report: You will be required to submit to your CTO that will be a response to how security will be affected, dealt with and the possible consequences of the reaction to the Development Scenario presented in class.
Budget Section: Include in your Security Report a section detailing any spending for any simulated needs for technology, education or spending in response to a development scenario presented to you.