29 Jun Since this is a paper-based exercise, you can assume the organization to be any business entity that maintains a database of customer data. You can imagine yourself being h
Since this is a paper-based exercise, you can assume the organization to be any business entity that maintains a database of customer data. You can imagine yourself being hired as an Info Security consultant to perform a security audit of the organization's IT infrastructure. For your project report describe your assessment of the security measures currently in place and recommend any needed improvements to ensure better IT security in the organization. Please see attachment for further details.
COM 510 – Management of Information Security
Security Assessment Assignment Guidelines
Project Description
The objective of this assignment is to apply what you have learned in this course to carry out a simple exercise of doing
an assessment of the cybersecurity measures put in place in a fictitious business organization. Since this is a paper-based
exercise, you can assume the organization to be any business entity such as such as – a college bookstore that accepts
online textbook purchases, a pharmacy store that maintains a database of customer prescriptions, an auto-insurance
agency that maintains customer data, a car rental business, a travel agency that handles flight and hotel reservations for
clients, etc.
You can imagine yourself being hired as an Info Security consultant to perform a security audit of the fictitious
company's IT infrastructure. Assume that some rudimentary security measures are currently in place, but there is much
room for improvement. For your project report describe your assessment of the security measures currently in place
and recommend any needed improvements to ensure better IT security in the organization.
For the project, you can do a security assessment on either a single IT system or the entire IT infrastructure of an
organization, whichever you think is feasible and manageable.
You may use any NIST Special Publications (e.g. SP800-171, SP1800), or any other national framework as a guide to assist
in your report.
Deliverables: A project report describing your security assessment, as a single Word document
Submit your project to the Security Assessment Dropbox. Due date: End of Week 8 (no later than 11:59 PM Sunday, July 3rd).
You can use the following general guidelines for your project report:
Your project report just needs to be a general assessment of the cybersecurity posture of a business entity. It should be
6-8 pages long (not including the cover page), 12 point character size, 1.15 line spacing, and have 1” margins on all sides.
Your report should include a description of the organization, nature of its business, analysis of the results, and
recommendations for improvement in the form of an action plan.
The project report should broadly cover the following areas:
1) Description of the organization – core operational area, corporation mission & vision, role of information
security in the organization.
2) An assessment of the organization’s documented security policies (Assume that you have been provided access
to its EISP and ISSPs documents outlining its various policies. You can look at some sample EISPs and IISPs on the
internet for ideas of what would be appropriate for the organization)
3) The management controls that are currently in place to secure their IT systems
4) The operational controls that are currently in place to secure their IT systems, and
5) The technical controls that are currently in place to secure their IT systems
6) Results of security assessment – strengths of existing security posture and identification of weakness that need
to be addressed. Include a prioritized list of vulnerabilities that need attention.
7) Recommendations for improvement and an action plan detailing steps for implementing them.
Remember, the main purpose of this project is only to give you an idea of how such assessments are carried out in
practice.
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteEdu. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.
Do you need help with this question?
Get assignment help from WriteEdu.com Paper Writing Website and forget about your problems.
WriteEdu provides custom & cheap essay writing 100% original, plagiarism free essays, assignments & dissertations.
With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Chat with us today! We are always waiting to answer all your questions.