Security Management

Assignment Objectives

 

Articulate why compliance with security policies, standards and

 

procedures are necessary to preserve the integrity of a secure system.

 

Demonstrate the role and importance of Security Awareness and Security

 

Training in the operation and administration of an enterprise level

 

security system.

 

Assignment details.

 

Key Assignment

 

You will submit the Key Assignment Final Draft. In addition, a summary

 

of 3–5 pages for the Security Training module section of the

 

Comprehensive Security Management Plan will be included as the final

 

section.

 

The final step in developing the Comprehensive Security Management

 

Plan is to define a training module. Begin by defining all roles

 

(management, developers, administrators, clerical, etc.) that have

 

security training and awareness needs. Then, suggest a list of courses

 

and workshops. With the list of roles and list of courses and

 

workshops, create a cross-reference in the form of a matrix that

 

includes all of the training needs. In 3–5 pages for the training

 

module, include the list of roles, courses with detailed information,

 

and the training matrix.

The project deliverables are the following:

Update the Comprehensive Security Management Plan title page with new date.

 

Update the previously completed sections based on the instructor’s and

 

your peers’ feedback.

 

Use the subheading “The Training Module.”

 

Define a training module.

Include a list of roles (developers, administrators, clerical, etc.).

Include a list of courses and workshops.

 

Include a cross-reference matrix of training.

 

Finalize the Comprehensive Security Management Plan.

 

Review the entire document for any changes and improvements to be made.

 

Ensure that this final version of the plan is sufficiently detailed to

 

allow the organization to confidently move forward with the

 

implementation of the Comprehensive Security Management Plan based on

 

recommendations.

 

Any previous feedback should be addressed with appropriate changes.

Be sure to update the table of contents before submission.

Name the document “yourname_CS654_IP5.doc.”

Part 1 Tasks (Objectives from Weeks 1–4)

This course has been comprised of a series of Individual Project

assignments that have contributed to a Key Assignment submission at

the end of the course. Each week, you have completed a part of a

Comprehensive Security Management Plan. The Key Assignment should

include the following tasks:

Week 1: Security Working Group (WG)

Discussion of the enterprise security management responsibilities

implemented as a service with contributions from roles throughout the

enterprise using the WG model applied to the project

A definition of roles and responsibilities for management of security

using the WG model applied to the project

An understanding of communication flows with the WG model with

application to the project

Week 2: Needs Assessment

Description of existing organization and what it already has in place

for a security architecture

Week 3: Security Policy Content and Risk

An overview of the content that should exist in security policy,

security standards, security procedures, other related security

documentation

Week 4: Security Models and Design Principles

Key Assignment First Draft for peer review

Relate security design principles to their proposed system changes

Part 2 Tasks (Objective from Week 5):

Week 5: Security Training

Submit the Key Assignment Final Draft.

Analyze previous submissions, and make changes as necessary to the

final paper to be prepared this week.

Continue development of the Comprehensive Security Management Plan

with a training module for explaining the roles and security training

and behavioral needs for each.