Option A: Security PlanningIf you choose this option, you are to develop an information security plan to enhance the security of our campus information environment. The plan should cover both managerial and technical issues, including but not limited to the following:Describing the information environment of our campus. Information environment is a general term, which addresses information security questions such as what data$/$information are important, who create these data$/$information$,$ who use these data$/$information$,$ who have access to the data$/$information$,$ what systems are associated with the data$/$information$,$ what procedures are required to process the data$/$information$,$ the connection between the campus and the external untrusted environment $($e$.$g$.,$ the Internet$),$ and so on$.$ You may use the framework of information asset identification, classification and prioritization $($see page $265-268$ of our textbook$).$Note: physical security can be included in your discussion here.Discussing the potential threats to our information environment and proposing solutions. Here, you may apply the framework of risk management, i$.$e$.,$ risk identification, risk assessment, and risk control $($Chapter $5$ of our textbook$).$Proposing a set of security policies, including the Enterprise Information Security Policy $($EISP$)($this should be a general policy for our campus$),$ Issue$-$Specific Security Policy $($ISSP$)($e$.$g$.,$ how to use email$),$ and Systems$-$Specific Policy $($SysSP$)($e$.$g$.,$ how to use the Canvas learning management system$).$ These policies are discussed in Chapter $5$ of our textbook.Note: The assignment asks you to design$/$propose the three policies based on your analysis of our information environment and faced threats. Explaining the meaning or the importance of the policies will NOT get you any credit. Discussing how to implement the security policies from a technical perspective $($you may consider anti$-$virus software, firewall, and intrusion detection and prevention systems$).$Discussing how to implement the security policies from a managerial perspective $($e$.$g$.,$ forming a special committee, getting support from the campus administration$).$Discussing how to implement the security policies from a behavioral perspective $($e$.$g$.,$ training and education$).$Note:In this assignment, you may assume that you were a CISO $($chief information security official$)$ of UM$-$Dearborn and planned for a new security program. Some disparity between your analysis and the real environment of our campus is acceptable.The grading rubrics are provided here for your reference.