Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Option A: Security PlanningIf you choose this option, you are to develop an information security plan to enhance the security of our campus information environment.

Option A: Security PlanningIf you choose this option, you are to develop an information security plan to enhance the security of our campus information environment. The plan should cover both managerial and technical issues, including but not limited to the following:Describing the information environment of our campus. Information environment is a general term, which addresses information security questions such as what data/information are important, who create these data/information, who use these data/information, who have access to the data/information, what systems are associated with the data/information, what procedures are required to process the data/information, the connection between the campus and the external untrusted environment (e.g., the Internet), and so on. You may use the framework of information asset identification, classification and prioritization (see page 265-268 of our textbook).Note: physical security can be included in your discussion here.Discussing the potential threats to our information environment and proposing solutions. Here, you may apply the framework of risk management, i.e., risk identification, risk assessment, and risk control (Chapter 5 of our textbook).Proposing a set of security policies, including the Enterprise Information Security Policy (EISP)(this should be a general policy for our campus), Issue-Specific Security Policy (ISSP)(e.g., how to use email), and Systems-Specific Policy (SysSP)(e.g., how to use the Canvas learning management system). These policies are discussed in Chapter 5 of our textbook.Note: The assignment asks you to design/propose the three policies based on your analysis of our information environment and faced threats. Explaining the meaning or the importance of the policies will NOT get you any credit. Discussing how to implement the security policies from a technical perspective (you may consider anti-virus software, firewall, and intrusion detection and prevention systems).Discussing how to implement the security policies from a managerial perspective (e.g., forming a special committee, getting support from the campus administration).Discussing how to implement the security policies from a behavioral perspective (e.g., training and education).Note:In this assignment, you may assume that you were a CISO (chief information security official) of UM-Dearborn and planned for a new security program. Some disparity between your analysis and the real environment of our campus is acceptable.The grading rubrics are provided here for your reference.

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Ecological Forest Management

Authors: Jerry F. Franklin, K. Norman Johnson, Debora L. Johnson

1st Edition

1478633506, 978-1478633501

More Books

Students also viewed these General Management questions

Question

4. Balancing Risks and Rewards with Expatriates

Answered: 1 week ago