This is a two-part deliverable using MS Word and MS Project, or their open source equivalents. This assignment focuses on information as an asset and logical security techniques for a hypothetical law firm. The goal of this deliverable is to secure an information security policy, suggesting the fundamental guidelines should an untoward event occur. It can be seen that information assets security management can be reduced down to three basic principles: integrity, confidentiality, and availability. Structure a policy around and within computers and associated equipment, as well as the people using it. Note: You may create or make all necessary assumptions needed for the completion of this assignment.
Submission Requirements
Write a 35 page paper in which you:
Create a cybersecurity policy describing the principle, the objective, and policy statement for the law firms company network.
Describe the roles and responsibilities by groups (e.g., position director of network security, the network security manager, network security engineers, IT area), defining roles and responsibilities.
Suggest the cybersecurity policy statement, an explanation of the policy statement, and the reasons why the policy statement may be controversial.
Determine the security testing methodology you would use to facilitate the assessment of technical controls.
Section 2
Complete the following:
Use Microsoft Project, or an open source alternative such as OpenProj, to create a security project plan for the law firm. The project plan should include:
Tasks, subtasks, resources, and predecessors.
An outline of the planning, analysis, design, and implementation phases.
The use of cybersecurity in the information systems development life cycle.
This course requires the use of Strayer Writing Standards. For assistance and information, please refer to the Strayer Writing Standards link in the left-hand menu of your course.
The specific course learning outcome associated with this assignment is:
