Information Systems Security Project
Phase 1 of Final Project
1.) Phase 1 of Final Project: Develop a comprehensive analysis that identifies threats and vulnerabilities to the information systems infrastructure and organizational data.
2.) You may use a fictitious company, one that you researched on the Internet, or your own workplace (although you should use an alias for the company name).
3.) Conduct Internet research for formats that are used for threat analysis.
- Include a short executive summary for this assignment, although you will need to revise this summary for the final paper.
- The threat analysis should be approximately 4 to 5 pages in length, in APA format, and double-spaced for the narrative.
- You may use tables or other graphic representations.
- The paper should include references to any material used in preparing the paper. References are to be cited within your paper as well as on the Reference page using APA format.
- You should use online resources to develop your plans; just make sure to cite these sources. All written work should be your own.
Phase 2 of Final Project
- Phase 2 of Final Project: Provide a comprehensive mitigation strategy based on the threat analysis done in Assignment 2.4.
- As mentioned in Phase 1 of Final Project, you may use a fictitious company, one that you researched on the Internet, or your own workplace (with an alias used for the company name).
- Conduct Internet research for formats that are used for developing and categorizing a security mitigation strategy.
a. Include a short executive summary for this assignment, which you will revise later for use in the final paper.
b. The mitigation strategy should be approximately 4 to 5 pages in length, in APA format, and double-spaced for the narrative.
c. You may use tables or other graphic representations; however, these additions to the paper should not be included in the page count.
d. The paper should include references to any material used in preparing the paper. You should use online resources to develop your plans; just make sure to cite these sources. All written work should be your own.
Phase 3 of Final Project
Phase 3 of Final Project: Write a three- to four-page paper that addresses and reflects upon the following:
- Describe the concepts and practices of designing and implementing a business continuity and disaster recovery plan.
- How might you test a disaster recovery plan?
- What should a risk management plan include?
- How does a change management plan impact the overall risk strategy?
- What are the important concepts that should be included in a security plan for the development of secure software?
Support your writing with at least two outside sources. The paper should be in APA format.
Phase 4 of Final Project
- Phase 4 of the Final Project is a proposal to provide a comprehensive security plan for your organization.
- As the final step of this proposal, you will prepare a comprehensive Security Awareness and business continuity plan (taking what you did in Phase 3 of Final Project and expanding upon the summary) that will be used throughout the organization. The plan should address awareness from the perspective of employee expectations. The business continuity plan should address the requirements needed to recover from potential disasters, whether through natural causes (weather, fire, etc.) or a security breach.
- The comprehensive Security Awareness and business continuity plan should be approximately 2 to 3 pages in length, in APA format, and double-spaced for the narrative.