Assessment Description:
The main objective of information security frameworks is to lower the level of risk, reducing the possibility of a vulnerability and making the company more secure. The framework shows the details of the daily procedures to reduce exposure to risk.
Refer to your “Conduct a Risk Assessment,” assignment from CYB-650 and the “Develop a Business Impact Analysis Parts 1-3” assignments from CYB-630, and the “Business Continuity Plan” from the Topic 1 assignment.
Create a 12- to 14-slide digital presentation that demonstrates how to implement a security framework to identify and close gaps between an organization’s current cybersecurity status and its future target cybersecurity status. Make sure to align to an appropriate regulation (e.g., PCI DSS, HITECH, HIPAA, SOX, GLBA, or GDPR) and address the following:
- Explain the current cybersecurity environment, such as development processes, paradigms, information, configuration management, and systems directly involved in the delivery of services.
- Describe the current risk management practices, development threats, legal and regulatory requirements, business/mission objectives, and organizational constraints using the framework identified.
- Describe how security best practices and frameworks can be used as a reference to develop a cybersecurity program.
- Create a diagram related to the common workflow of information and decisions at the major levels within the organization.
- Explain the critical cybersecurity needs that should be in place to ensure compliance with the appropriate regulation by differentiating from NIST, ISO/IEC 27000-series (e.g., PCI DSS, HIPAA, SOX, GLBA). Then, prioritize organizational efforts, business needs, and outcomes.
- List and describe the elements of a software assurance maturity model.
- Include a title slide, reference slide, and presenter’s notes.
Additionally, include graphics that are relevant to the content, visually appealing, and placed appropriately.
Note: Since this course is the culmination of the Business Continuity Plan, students may utilize or adapt any of their previous assignments from earlier classes in the program for assignments in this course.
While APA style is not required for the body of this assignment, solid academic writing is expected, and documentation of sources should be presented using APA formatting guidelines, which can be found in the APA Style Guide, located in the Student Success Center. An abstract is not required.
This assignment uses a rubric. Please review the rubric prior to beginning the assignment to become familiar with the expectations for successful completion.
You are not required to submit this assignment to LopesWrite.