Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

In this assessment, you are required to propose a new customised information security framework for the use case you selected in Costa Rica Government Data

In this assessment, you are required to propose a new customised information security
framework for the use case you selected in Costa Rica Government Data Breach. The new framework must be based on well-known national and/or international standards, e.g., NIST. Your proposed framework needs to address the risks you identified and discussed in Assignment 02. Reasonable
assumptions can be made regarding the selected scenario if they are properly documented and
justified. The length of the report should not be more than 15 pages and excluding title page,
table of contents, and references.
While designing the new framework, you can recommend any tool(s) available in the market
that would be beneficial to achieve your goals. You need to provide a proper justification why
you have selected and recommended that specific tool. The costs related to the purchase of the
selected tool, licensing, and technical support should also be included in this report.
This report will be presented to the board members including personnels from finance
department. You need to prepare the report by including the following details.
1. Executive Summary
2. Introduction
3. Details of the new design
a. Support for existing functionalities
b. Addressing the identified risks
c. Performance evaluation
d. Cost justification
4. Conclusion
5. References
Report Organisation
In this report, you will target three types of audiences, i.e., board members or executives,
cybersecurity personnel, and finance personnel of client organisation. While preparing your
report on the new design, you need to ensure the contents of each section are customised
properly. Board members will expect to have a clear analysis with a focus on business interests
of the organisation so they could make appropriate decisions. The cybersecurity personnel will
require a detailed technical review to guide them implementing relevant cybersecurity controls
of the new design. The finance personnel will require the cost details associated in
implementing your proposed design.
The presentation of the report is an important aspect and will have sufficient marks allocated
for the presentation and organisation of the report which includes the use of appropriate
headings and sub-headings, appropriate use of bullet points, tables, images, etc. Appropriate
use of English language is also important with a focus on the use of grammar, spelling, writing
style, and correct referencing.
1. Executive Summary
This section should highlight the focus of the report and its importance for the intended
audience. You also need to provide a very brief overview of what you have included in the
report.
2. Introduction
In this section, you need to define the background of your proposed design. You need to provide
justifications for why your proposed design is important with reference to the flaws of the
previous design and business objectives. You can mention relevant legal compliance
constraints if any. You need to explain and justify the tool(s) you will use to evaluate the
performance of your proposed design.
3. Details of the new design
In this section, you need to provide a detailed description of your proposed design, highlight,
and explain its promising features, and evaluate their potential impacts (technical and business)
based on the calculations of the selected tool(s)(the one you chose in Assignment 02 and the
one you choose in this assignment for the justification of the choices/recommendations you
make). While explaining your proposed design, make sure your discussion is limited to its
promising features that will cover the critical vulnerabilities or faults in the clients system and
threats that may be initiated by malicious adversaries along with future possible attacks. You
can add relevant calculations to support your arguments. When explaining your new design,
make sure it aligns with the privacy and data storage laws and regulations of your client
organisation. Your proposed design should outline the people, process and technology
attributes needed to create a secure environment for your client organisation. For this task, you
need to read the security and privacy policy of your client organisation in detail and link its
relevant points in your justifications. You also need to categorise and classify various controls
that you are going to use in your proposed new framework and highlight the vulnerabilities and
risks your controls will be addressing. This section should contain enough details on the four
main points, i.e., support for existing functionalities, addressing the identified risks,
performance evaluation of your proposed design, and cost justification.

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image_2

Step: 3

blur-text-image_3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

SQL Instant Reference

Authors: Gruber, Martin Gruber

2nd Edition

0782125395, 9780782125399

More Books

Students also viewed these Databases questions

Question

What is the macro view of entrepreneurship?

Answered: 1 week ago

Question

Explain the key components of an assessment center (AC).

Answered: 1 week ago