You will submit your roles and responsibilities portion of the final project. Who are the key leaders of the organization specific to how their responsibilities are connected to the security of the organization’s information? You must also identify key ethical considerations. What are the ramifications of key leaders not properly accounting for ethical and legal considerations? What are the key components of information assurance as they relate to individual roles and responsibilities within the information assurance plan? For example, examine the current policies as they relate to confidentiality, integrity, and availability of information.
rubrics 2 pages
Employing information assurance best practices will ensure a firm is able to eliminate hierarchical structures, become more flat, and have greater customer touch points by leveraging the correct information at the right time. Successful firms will maintain an established information assurance plan and posture that is implemented and reviewed on a weekly basis. The ability to properly assign roles is crucial to the design of an effective information assurance plan. Without clearly identified roles and responsibilities, the key members of an organization would not have a clear understanding of what was expected of them. The establishment of roles and responsibilities assists each member to communicate clearly and effectively throughout the organization. Prompt: In Module Four, you will submit your roles and responsibilities portion of the final project. Your submission should answer the following questions: Who are the key leaders of the organization specific to how their responsibilities are connected to the security of the organization’s information? You must also identify key ethical considerations. What are the ramifications of key leaders not properly accounting for ethical and legal considerations? What are the key components of information assurance as they relate to individual roles and responsibilities within the information assurance plan? For example, examine the current policies as they relate to confidentiality, integrity, and availability of information. Specifically, the following critical elements must be addressed: II. Information Security Roles and Responsibilities a) Analyze the role of the key leaders within the organization specific to how their responsibilities are connected to the security of the organization’s information. What is the relationship between these roles? b) Evaluate key ethical and legal considerations related to information assurance that must be taken into account by the key leaders within the organization. What are the ramifications of key leaders not properly accounting for ethical and legal considerations? c) What are the key components of information assurance as they relate to individual roles and responsibilities within the information assurance plan? For example, examine the current policies as they relate to confidentiality, integrity, and availability of information.
22222222222222222222222222222222222222222222222222222222222222222222222222222222222
You will submit the risk assessment portion of the information assurance plan. You will provide the organization with an assessment of the threat environment and the risks within, as well as methods designed to mitigate these risks. Based on your analysis and evaluation, what are the best approaches for implementing information assurance principles? Where do you see the most areas for improvement to current protocols and policies? For additional details, please refer to the Final Project Document and the Milestone
(4 pages 3 references 3 intext citations )
risk assesment you need to answer the following questions for each threat scenario (complete atleast two)
1. identify the threat actors
2.identify the asset being targeted
3. Identify the threat of the current controls implemented.
4. identify the capability required by the threat actor to exploit.
5.identify how often would this particular threat scenario would happen
6.identify how much loss would be expected if exploited(via value of asset)
7. identify the risk level the threat scenario is to the organization.
The policies and procedures section is filled out after you complete your risk assesment then you analyze the current policies and procedure and identify where improvements should be made to reduce the risk identified (example a high risk was identified from employees using personal email and sending company information the change to the policy would be “personal emails sites are not allowed by employees and procedure would be implemented to block employees using those sites going forward. )
Rubrics
In order to effectively respond to applicable threats, information technology administrators must be able to accurately evaluate the threat environment. The ability to engage in this evaluation originates from the performance of a risk assessment. Performing a risk assessment can take on many forms. One recent method of engaging in risk assessment has come in the form of utilizing firewalls and firewall audit tools. Through these measures, IT administrators can map the network and critically analyze where any potential vulnerabilities may lie. The outcomes of these measures results in increased awareness of the most likely types of threats that may materialize, and enables administrators to configure the network in order to mitigate and address these weaknesses and vulnerabilities. Prompt: In Module Five, you will submit the risk assessment portion of the information assurance plan. You will provide the organization with an assessment of the threat environment and the risks within, as well as methods designed to mitigate these risks. Based on your analysis and evaluation, what are the best approaches for implementing information assurance principles? Where do you see the most important areas for improvement to current protocols and policies? Specifically, the following critical elements must be addressed: III. Risk Assessment a) Analyze the environment in which the organization operates, including the current protocols and policies in place related to information assurance. b) Evaluate the threat environment of the organization. c) Based on your analysis and evaluation, what are the best approaches for implementing information assurance principles? Where do you see the most important areas for improvement to current protocols and policies? d) Assess the threats to and vulnerabilities of the organization by creating a risk matrix to outline the threats and vulnerabilities found and determine possible methods to mitigate the identified dangers…………………………………………..
