This assignment is your final project and is due on Day 7 of this module. The assignment consists of one deliverable in two parts:
Part I: White Paper assignment
You have been tasked to brief the manager/CFO or CEO your company about the process you use to assess risk, authorize a system for operation, and monitor the system once it is in operation. Your goal is to explain how you will ensure that the system remains secure in light of:
changes to personnel,
changes to the hardware/software/firmware, and/or
changes to the environment (imagine that your company is sharing an office with another organization or sharing the office with contractors).
Create a white paper (7-10 pages, not including title and reference pages) identifying all aspects of the Risk Management Framework, including a plan for continuous monitoring. In order to have an effective continuous monitoring program you have to have a process to get to that point in the process. Risk and threat assessments are not once and done evaluations. They need to be dynamic and they need to be re-done if anything relates to the system changes.
Your white paper must be double-spaced, use a standard 12-point font and standard margins. At least two APA formatted in-text citations are required plus appropriate references must be listed. (Note: No wiki or blog references are allowed).
Your document should be free of spelling and/or grammatical errors.
Part II: Information Systems Security Plan
Revisit your Information Systems Security Plan Template Click for more options and finish the last five sections (11-15). The answers/info will be based off of everything you have been doing in the modules for this course, for the company you have been reporting on. Keep in mind that your company is sharing the building with another organization.
Note: Working back and forth between this and the white paper will help provide the input needed for both of them. You can refer back to this document (ISSP) once completed, in the white paper so as to reduce redundancy.
Your document should be free of spelling and/or grammatical errors.
To understand how your work will be assessed, view the assignment scoring rubric Click for more options .
Attach the Information Systems Security Plan to the end of the White Paper and submit both as one document by clicking on the assignment title.