16 Jan {Explain how you intend to implement
COM590 Strategic Planning Cybersecurity
Module 4 Assignment
Answer all Seven (7) questions.
• Submission Requirements
? All sentences must be grammatically correct, and free from spelling errors.
? Your answer for questions 1 to 6 should not exceed 250 words.
? Your answer for question 7 should not exceed 500 words.
? Submit a Single Microsoft Word Document.
? Font: Times New Roman, Size 12, Double-Space.
? Cite all references used in APA format.
1. For each of the seven domains of a typical IT infrastructure, describe a policy you would write and implement for each domain.
2. How does separation of duties throughout an IT infrastructure mitigate risk for an organization?
3. When using a layered security approach to system administration, who would have the highest access privileges?
4. Why do you only want to refer to technical standards in a policy definition document?
5. Explain why the seven domains of a typical IT infrastructure help organizations align to separation of duties.
6. Why is it important for an organization to have a policy definition for business continuity and disaster recovery?
7. Create a security management policy that addresses the management and the separation of duties throughout the seven domains of a typical IT infrastructure. You are to define what the information systems security responsibility is for each of the seven domains of a typical IT infrastructure. From this definition, you must incorporate a definition for the separation of duties into the Procedures section of the policy definition template that you will fill out later in this step.
The scenario you are to work with is for the mock Lone Star Credit Union/Bank:
• The organization is a regional Lone Star Credit Union/Bank that has multiple branches and locations throughout the region.
• Online banking and use of the Internet are the bank’s strengths, given its limited human resources.
• The customer service department is the organization’s most critical business function.
• The organization wants to be in compliance with the Gramm-Leach-Bliley Act (GLBA) and IT security best practices regarding its employees.
• The organization wants to monitor and control use of the Internet by implementing content filtering.
• The organization wants to eliminate personal use of organization-owned IT assets and systems.
• The organization wants to monitor and control use of the e-mail system by implementing e-mail security controls.
• The organization wants to implement this policy for all the IT assets it owns and to incorporate this policy review into its annual security awareness training.
• The organization wants to define a policy framework, including a security management policy defining the separation of duties for information systems security.
Using the following template, create a security management policy with defined separation of duties for the Lone Star Credit Union/Bank organization (this should not be longer than two pages):
Lone Star Credit Union
Policy Name
Policy Statement
{Insert policy verbiage here.}
Purpose/Objectives
{Insert the policy’s purpose as well as its objectives; include a bulleted list of the policy definitions.}
Scope
{Define whom this policy covers and its scope. Which of the seven domains of a typical
IT infrastructure are impacted? All seven must be included in the scope. What elements, IT assets, or organization-owned assets are within the scope of this policy? In this case, you are concerned about which IT assets and elements in each of the domains require information systems security management.}
Standards
{Does this policy point to any hardware, software, or configuration standards? If so, list them here and explain the relationship of this policy to these standards. You need to reference technical hardware, software, and configuration standards for IT assets throughout the seven domains of a typical IT infrastructure.}
Procedures
{Explain how you intend to implement this policy for the entire organization. This is the most important part of the policy definition because you must explain and define your separation of duties throughout the seven domains of a typical IT infrastructure. All seven domains must be listed in this section as well as who is responsible for ensuring CIA and security policy implementation within that domain.}
Guidelines
{Explain any roadblocks or implementation issues that you must overcome in this section and how you will surmount them per defined policy guidelines. Any disputes or gaps in the definition and separation of duties and responsibilities may need to be addressed in this section.}
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteEdu. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.
Do you need help with this question?
Get assignment help from WriteEdu.com Paper Writing Website and forget about your problems.
WriteEdu provides custom & cheap essay writing 100% original, plagiarism free essays, assignments & dissertations.
With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Chat with us today! We are always waiting to answer all your questions.