Project 1 – Security Policy Framework

Project 1 – Security Policy Framework

You will create an organizational security plan policy using your assigned readings (pay close attention to Chapter 3 in the Building an Effective Information Security Policy) as well as  the Cybersecurity Framework http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf as a resource, creating a two to three page outline for an organizational security plan policy for securing the architecture of the organizations computer assets. You will use this outline to create a security plan security awareness policy in week 8. All critical elements in an organizational plan are to be covered for your plan based on the outline. Address each Enterprise subject area in the Table 4: Initial Framework below. You will prepare an outline for use in preparing a policy based on these subject areas. Confidentiality, Integrity, and Availability will be thoroughly addressed for protection of the enterprise that you choose. Major security controls will be identified. Your outline will provide at least ten headings and list the subject areas with at least two sub-headings in outline format as:

1. Access controls
a. Select …..
b. Apply …..

To

10. Privacy
a. Ensure confidentiality by compliance with HIPAA, ….
b. Evaluate ….

Each heading and sub-heading will be in complete sentences that will define your plan to complete the plan for an effective enterprise policy.

Table 4: Initial Framework

Building an Effective Information Security Policy Architecture
By Sandy Bacik, Copyright Sandy Bacik © 2008, Publisher: CRC Press

Enterprise Area    ISO 17799    SAS70 Type II    GLBA    PCI DSS    EU Privacy    CobIT    Common Criteria    Generally Accepted Privacy Principles    Generally Accepted Security Principles
Access Control    X    X    X    X    X    X    X    X    X
Application Development    X    X              X    X    X         X
Asset Management    X    X         X    X                   X
Business Operations    X    X         X    X    X    X    X
Communications    X    X    X    X    X    X    X    X    X
Compliance    X    X    X    X    X    X
Corporate Governance    X                   X    X
Customers    X    X    X    X    X    X         X    X
Incident Management    X    X    X    X    X    X    X    X    X
IT Operations    X    X    X    X    X    X    X    X    X
Outsourcing    X    X         X    X    X    X    X    X
Physical/Environmental    X    X                        X         X
Policies & Procedures    X    X         X    X    X    X    X    X
Privacy    X    X    X    X    X              X
Security    X    X         X    X    X    X         X

Provided for the personal use of Personal account, University of Maryland University College Library, as a subscription benefit of Books24x7, http://www.books24x7.com/, and is governed by the terms of the Membership Agreement, http://www.books24x7.com/mhelp.asp?item=membership

Place this order with us and get 18% discount now! to earn your discount enter this code: special18  If you need assistance chat with us now by clicking the live chat button.