Your Perfect Assignment is Just a Click Away
We Write Custom Academic Papers

100% Original, Plagiarism Free, Customized to your instructions!

How It Works
Order Now
glass
pen
clip
papers
heaphones

Assessment of risks associated with the implementation

Aug 23, 2022 | Information Systems

Aug 23, 2022 | Information Systems

Assessment of risks associated with the implementation

COMPETENCIES
981.1.1: Capstone

The graduate integrates and synthesizes competencies from across the degree program, thereby demonstrating the ability to participate in and contribute value to the chosen professional field.

INTRODUCTION
In this task, you will design, develop, and implement the capstone project approved by your course instructor.

You will compile the information for your solution into a report based on the prompts below.

Your work for this task will not be evaluated until the appropriate forms from Task 1 have been submitted and evaluated.

REQUIREMENTS
Your submission must be your original work. No more than a combined total of 30% of the submission and no more than a 10% match to any one individual source can be directly quoted or closely paraphrased from sources, even if cited correctly. An originality report is provided when you submit your task that can be used as a guide.

You must use the rubric to direct the creation of your submission because it provides detailed criteria that will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course.

Tasks may not be submitted as cloud links, such as links to Google Docs, Google Slides, OneDrive, etc., unless specified in the task requirements. All other submissions must be file types that are uploaded and submitted as attachments (e.g., .docx, .pdf, .ppt).

A. Write an executive report that includes the following requirements:

• the security problem under investigation

• background information about the problem

• a root cause analysis of the problem

• a description of the stakeholders

• an analysis of systems, processes, or both

• a description of the project requirements

• the data available or the data that needs to be collected to support the project

• the industry-standard methodology you used to guide and support the solution’s design and development

• deliverables associated with the design and development of the technology solution

• the strategy for implementing the solution and anticipated outcomes from the project, including phases of the rollout, details of project launch, and training plan for users

• the quality assurance plan for the solution, including formative and summative evaluation plans and plans for revision

• assessment of risks associated with the implementation

• the technology environments, tools, and any related costs, as well as the human resources, that are necessary to execute each project phase

• a projected timeline, including milestones, start and end dates, duration for each milestone, dependencies, and resources assigned to each task

• the framework that will be used to assess the success of the project and assess if the security solution meets stakeholder’s needs, including test cases and acceptance criteria

B. Design and develop a technology-supported security solution that addresses your identified business problem or organizational need.

1. Your solution must contribute to at least one of the following major security areas:

Cyberlaw, Regulations, and Compliance

Leadership and Professionalism

Security Planning and Management

Systems Security

2. Provide a summary that explains how your solution meets the following criteria:

• facilitates the development of consensus-based codes of conduct

• promotes the adoption of standards and practices

• promotes automation in cybersecurity

• improves and modernizes security assurance

• implements industry-standard security tools and infrastructure or environment

• collects digital evidence, including data for analysis or forensics

• provides cybersecurity plans, strategies, and policies

• implements confidentiality, integrity, and availability

• mitigates cybersecurity threats

• investigates cybersecurity incidents or crimes

• includes decision-support functionality

• provides a training plan for users

C. Create each of the following forms of documentation for the solution you have developed:

• a subset of comprehensive elements of cybersecurity plans, policies, standards, or procedures

• analysis of the alignment of the solution with organizational cybersecurity initiative or regulatory compliance

• assessment of the solution’s implementation, including testing results and implemented revisions

• applications, tools, installation, and user guides for any other environment used

• assessment of the efficiency of the solution

• post-implementation systems and process analysis, including diagrams or descriptions of the environment

• post-implementation risk assessment

• analysis of collected data

• analysis of the final output

• stakeholder impact analysis

• post-implementation and maintenance plans for the solution, including supporting resources

• the results from the solution testing and revisions

• training plan for users

• control deficiencies analysis that includes a plan of action and milestones

• source code and executable files, with installation and user guides, if applicable

• artifacts from the domain your solution addresses (listed below)

Domain: Cyber Risk Management and Oversight

– organization chart

– cybersecurity-related policies and procedures

– strategic plans

– cybersecurity job descriptions

– cybersecurity personnel qualifications

– risk assessments

– data loss prevention analysis

– IT audit schedule

– IT audit reports and correspondence

– audit exception tracking

– risk management reports

– cybersecurity training policies and procedures

– cybersecurity training and awareness materials

Domain: Cybersecurity Controls

– list of physical access controls (e.g., key cards, biometric controls, video cameras)

– baseline security configuration standards

– vulnerability or patch management policies and procedures

– patch management reports

– penetration test results and reports

– vulnerability assessments

– continuous monitoring strategy

Domain: External Dependency Management

– list of third parties and subcontractors

– contracts governing all third-party relationships

– inventory of all third-party connections

– network topology/diagram

– independent reports on the service provider’s security controls

– remote access logs

– third-party employee access reviews

– vendor management policies and procedures

Domain: Threat Intelligence and Collaboration

– list of threat intelligence resources (e.g., industry groups, consortiums, threat and vulnerability reporting services)

– management reports on cyber intelligence

Domain: Cyber Resilience

– cybersecurity event log and reports on cyber incidents

– business impact analysis

– business or corporate continuity plan

– results of resilience testing

– resilience testing reports

– cyber incident response plans

– crisis management plans

– data loss prevention analysis

– continuous monitoring strategy

D. Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized.

E. Demonstrate professional communication in the content and presentation of your submission.

RUBRIC
PROGRAM OUTCOME 1: THE GRADUATE DEVELOPS CYBERSECURITY PLANS, STRATEGIES, AND POLICIES TO SUPPORT AND ALIGN WITH ORGANIZATIONAL CYBERSECURITY INITIATIVES AND REGULATORY COMPLIANCE:

COMPETENT: The submission develops cybersecurity plans, strategies, and policies that support and align with organizational cybersecurity initiatives and regulatory compliance.

PROGRAM OUTCOME 2: THE GRADUATE PROVISIONS INFORMATION TECHNOLOGY INFRASTRUCTURE TO ENSURE THAT IT PROVIDES CONFIDENTIALITY, INTEGRITY, AND AVAILABILITY:

COMPETENT: The submission provisions information technology infrastructure to ensure it provides confidentiality, integrity, and availability.

PROGRAM OUTCOME 3: THE GRADUATE OPERATES HARDWARE, SOFTWARE, AND VIRTUAL ENVIRONMENTS TO ENSURE EFFECTIVE AND EFFICIENT INFORMATION TECHNOLOGY SYSTEM PERFORMANCE AND SECURITY:

COMPETENT: The submission demonstrates the ability to operate hardware, software, and virtual environments to ensure effective and efficient information technology system performance and security.

PROGRAM OUTCOME 4: THE GRADUATE DEFENDS INFORMATION TECHNOLOGY INFRASTRUCTURE BY ANALYZING AND MITIGATING CYBERSECURITY THREATS:

COMPETENT

The submission demonstrates the ability to defend information technology infrastructure by analyzing and mitigating cybersecurity threats.

PROGRAM OUTCOME 5: THE GRADUATE INVESTIGATES CYBERSECURITY INCIDENTS OR CRIMES RELATED TO INFORMATION TECHNOLOGY AND DIGITAL EVIDENCE BY COLLECTING AND ANALYZING CYBERSECURITY INFORMATION:

COMPETENT

The submission demonstrates the ability investigate cybersecurity incidents or crimes related to information technology and digital evidence by collecting and analyzing cybersecurity information.

D: Sources

COMPETENT

The submission includes in-text citations for sources that are properly quoted, paraphrased, or summarized and a reference list that accurately identifies the author, date, title, and source location as available, or the candidate does not use sources.

E: PROFESSIONAL COMMUNICATION COMPETENT

Content reflects attention to detail, is organized, and focuses on the main ideas as prescribed in the task or chosen by the candidate. Terminology is pertinent, is used correctly, and effectively conveys the intended meaning. Mechanics, usage, and grammar promote accurate interpretation and understanding.

Applied Sciences
Architecture and Design
Biology
Business & Finance
Chemistry
Computer Science
Geography
Geology
Education
Engineering
English
Environmental science
Spanish
Government
History
Human Resource Management
Information Systems
Law
Literature
Mathematics
Nursing
Physics
Political Science
Psychology
Reading
Science
Social Science
Liberty University
New Hampshire University
Strayer University
University Of Phoenix
Walden University
Home
Homework Answers
Blog
Archive
Tags
Reviews
Contact
twitterfacebook
Copyright © 2022 SweetStudy.comSWEETSTUDY.COM – YOUR HOMEWORK ANSWERS
chat0
Home.Literature.
Help.
Log in / Sign up
Capstone
profile
abell442

ProjectInstructions.docx
Home>Information Systems homework help>Capstone
Table of Contents COMPETENCIES 1 INTRODUCTION 1 REQUIREMENTS 1 RUBRIC 4

COMPETENCIES
981.1.1: Capstone

The graduate integrates and synthesizes competencies from across the degree program, thereby demonstrating the ability to participate in and contribute value to the chosen professional field.

INTRODUCTION
In this task, you will design, develop, and implement the capstone project approved by your course instructor.

You will compile the information for your solution into a report based on the prompts below.

Your work for this task will not be evaluated until the appropriate forms from Task 1 have been submitted and evaluated.

REQUIREMENTS
Your submission must be your original work. No more than a combined total of 30% of the submission and no more than a 10% match to any one individual source can be directly quoted or closely paraphrased from sources, even if cited correctly. An originality report is provided when you submit your task that can be used as a guide.

You must use the rubric to direct the creation of your submission because it provides detailed criteria that will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course.

Tasks may not be submitted as cloud links, such as links to Google Docs, Google Slides, OneDrive, etc., unless specified in the task requirements. All other submissions must be file types that are uploaded and submitted as attachments (e.g., .docx, .pdf, .ppt).

A. Write an executive report that includes the following requirements:

• the security problem under investigation

• background information about the problem

• a root cause analysis of the problem

• a description of the stakeholders

• an analysis of systems, processes, or both

• a description of the project requirements

• the data available or the data that needs to be collected to support the project

• the industry-standard methodology you used to guide and support the solution’s design and development

• deliverables associated with the design and development of the technology solution

• the strategy for implementing the solution and anticipated outcomes from the project, including phases of the rollout, details of project launch, and training plan for users

• the quality assurance plan for the solution, including formative and summative evaluation plans and plans for revision

• assessment of risks associated with the implementation

• the technology environments, tools, and any related costs, as well as the human resources, that are necessary to execute each project phase

• a projected timeline, including milestones, start and end dates, duration for each milestone, dependencies, and resources assigned to each task

• the framework that will be used to assess the success of the project and assess if the security solution meets stakeholder’s needs, including test cases and acceptance criteria

B. Design and develop a technology-supported security solution that addresses your identified business problem or organizational need.

1. Your solution must contribute to at least one of the following major security areas:

Cyberlaw, Regulations, and Compliance

Leadership and Professionalism

Security Planning and Management

Systems Security

2. Provide a summary that explains how your solution meets the following criteria:

• facilitates the development of consensus-based codes of conduct

• promotes the adoption of standards and practices

• promotes automation in cybersecurity

• improves and modernizes security assurance

• implements industry-standard security tools and infrastructure or environment

• collects digital evidence, including data for analysis or forensics

• provides cybersecurity plans, strategies, and policies

• implements confidentiality, integrity, and availability

• mitigates cybersecurity threats

• investigates cybersecurity incidents or crimes

• includes decision-support functionality

• provides a training plan for users

C. Create each of the following forms of documentation for the solution you have developed:

• a subset of comprehensive elements of cybersecurity plans, policies, standards, or procedures

• analysis of the alignment of the solution with organizational cybersecurity initiative or regulatory compliance

• assessment of the solution’s implementation, including testing results and implemented revisions

• applications, tools, installation, and user guides for any other environment used

• assessment of the efficiency of the solution

• post-implementation systems and process analysis, including diagrams or descriptions of the environment

• post-implementation risk assessment

• analysis of collected data

• analysis of the final output

• stakeholder impact analysis

• post-implementation and maintenance plans for the solution, including supporting resources

• the results from the solution testing and revisions

• training plan for users

• control deficiencies analysis that includes a plan of action and milestones

• source code and executable files, with installation and user guides, if applicable

• artifacts from the domain your solution addresses (listed below)

Domain: Cyber Risk Management and Oversight

– organization chart

– cybersecurity-related policies and procedures

– strategic plans

– cybersecurity job descriptions

– cybersecurity personnel qualifications

– risk assessments

– data loss prevention analysis

– IT audit schedule

– IT audit reports and correspondence

– audit exception tracking

– risk management reports

– cybersecurity training policies and procedures

– cybersecurity training and awareness materials

Domain: Cybersecurity Controls

– list of physical access controls (e.g., key cards, biometric controls, video cameras)

– baseline security configuration standards

– vulnerability or patch management policies and procedures

– patch management reports

– penetration test results and reports

– vulnerability assessments

– continuous monitoring strategy

Domain: External Dependency Management

– list of third parties and subcontractors

– contracts governing all third-party relationships

– inventory of all third-party connections

– network topology/diagram

– independent reports on the service provider’s security controls

– remote access logs

– third-party employee access reviews

– vendor management policies and procedures

Domain: Threat Intelligence and Collaboration

– list of threat intelligence resources (e.g., industry groups, consortiums, threat and vulnerability reporting services)

– management reports on cyber intelligence

Domain: Cyber Resilience

– cybersecurity event log and reports on cyber incidents

– business impact analysis

– business or corporate continuity plan

– results of resilience testing

– resilience testing reports

– cyber incident response plans

– crisis management plans

– data loss prevention analysis

– continuous monitoring strategy

D. Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized.

E. Demonstrate professional communication in the content and presentation of your submission.

RUBRIC
PROGRAM OUTCOME 1: THE GRADUATE DEVELOPS CYBERSECURITY PLANS, STRATEGIES, AND POLICIES TO SUPPORT AND ALIGN WITH ORGANIZATIONAL CYBERSECURITY INITIATIVES AND REGULATORY COMPLIANCE:

COMPETENT: The submission develops cybersecurity plans, strategies, and policies that support and align with organizational cybersecurity initiatives and regulatory compliance.

PROGRAM OUTCOME 2: THE GRADUATE PROVISIONS INFORMATION TECHNOLOGY INFRASTRUCTURE TO ENSURE THAT IT PROVIDES CONFIDENTIALITY, INTEGRITY, AND AVAILABILITY:

COMPETENT: The submission provisions information technology infrastructure to ensure it provides confidentiality, integrity, and availability.

PROGRAM OUTCOME 3: THE GRADUATE OPERATES HARDWARE, SOFTWARE, AND VIRTUAL ENVIRONMENTS TO ENSURE EFFECTIVE AND EFFICIENT INFORMATION TECHNOLOGY SYSTEM PERFORMANCE AND SECURITY:

COMPETENT: The submission demonstrates the ability to operate hardware, software, and virtual environments to ensure effective and efficient information technology system performance and security.

PROGRAM OUTCOME 4: THE GRADUATE DEFENDS INFORMATION TECHNOLOGY INFRASTRUCTURE BY ANALYZING AND MITIGATING CYBERSECURITY THREATS:

COMPETENT

The submission demonstrates the ability to defend information technology infrastructure by analyzing and mitigating cybersecurity threats.

PROGRAM OUTCOME 5: THE GRADUATE INVESTIGATES CYBERSECURITY INCIDENTS OR CRIMES RELATED TO INFORMATION TECHNOLOGY AND DIGITAL EVIDENCE BY COLLECTING AND ANALYZING CYBERSECURITY INFORMATION:

COMPETENT

The submission demonstrates the ability investigate cybersecurity incidents or crimes related to information technology and digital evidence by collecting and analyzing cybersecurity information.

D: Sources

COMPETENT

The submission includes in-text citations for sources that are properly quoted, paraphrased, or summarized and a reference list that accurately identifies the author, date, title, and source location as available, or the candidate does not use sources.

E: PROFESSIONAL COMMUNICATION COMPETENT

Content reflects attention to detail, is organized, and focuses on the main ideas as prescribed in the task or chosen by the candidate. Terminology is pertinent, is used correctly, and effectively conveys the intended meaning. Mechanics, usage, and grammar promote accurate interpretation and understanding.

Applied Sciences
Architecture and Design
Biology
Business & Finance
Chemistry
Computer Science
Geography
Geology
Education
Engineering
English
Environmental science
Spanish
Government
History
Human Resource Management
Information Systems
Law
Literature
Mathematics
Nursing
Physics
Political Science
Psychology
Reading
Science
Social Science
Liberty University
New Hampshire University
Strayer University
University Of Phoenix
Walden University
Home
Homework Answers
Blog
Archive
Tags
Reviews
Contact
twitterfacebook
Copyright © 2022 SweetStudy.com

Order Solution Now