Security Management
Assignment Objectives
Articulate why compliance with security policies, standards and
procedures are necessary to preserve the integrity of a secure system.
Demonstrate the role and importance of Security Awareness and Security
Training in the operation and administration of an enterprise level
security system.
Assignment details.
Key Assignment
You will submit the Key Assignment Final Draft. In addition, a summary
of 3–5 pages for the Security Training module section of the
Comprehensive Security Management Plan will be included as the final
section.
The final step in developing the Comprehensive Security Management
Plan is to define a training module. Begin by defining all roles
(management, developers, administrators, clerical, etc.) that have
security training and awareness needs. Then, suggest a list of courses
and workshops. With the list of roles and list of courses and
workshops, create a cross-reference in the form of a matrix that
includes all of the training needs. In 3–5 pages for the training
module, include the list of roles, courses with detailed information,
and the training matrix.
The project deliverables are the following:
Update the Comprehensive Security Management Plan title page with new date.
Update the previously completed sections based on the instructor’s and
your peers’ feedback.
Use the subheading “The Training Module.”
Define a training module.
Include a list of roles (developers, administrators, clerical, etc.).
Include a list of courses and workshops.
Include a cross-reference matrix of training.
Finalize the Comprehensive Security Management Plan.
Review the entire document for any changes and improvements to be made.
Ensure that this final version of the plan is sufficiently detailed to
allow the organization to confidently move forward with the
implementation of the Comprehensive Security Management Plan based on
recommendations.
Any previous feedback should be addressed with appropriate changes.
Be sure to update the table of contents before submission.
Name the document “yourname_CS654_IP5.doc.”
Part 1 Tasks (Objectives from Weeks 1–4)
This course has been comprised of a series of Individual Project
assignments that have contributed to a Key Assignment submission at
the end of the course. Each week, you have completed a part of a
Comprehensive Security Management Plan. The Key Assignment should
include the following tasks:
Week 1: Security Working Group (WG)
Discussion of the enterprise security management responsibilities
implemented as a service with contributions from roles throughout the
enterprise using the WG model applied to the project
A definition of roles and responsibilities for management of security
using the WG model applied to the project
An understanding of communication flows with the WG model with
application to the project
Week 2: Needs Assessment
Description of existing organization and what it already has in place
for a security architecture
Week 3: Security Policy Content and Risk
An overview of the content that should exist in security policy,
security standards, security procedures, other related security
documentation
Week 4: Security Models and Design Principles
Key Assignment First Draft for peer review
Relate security design principles to their proposed system changes
Part 2 Tasks (Objective from Week 5):
Week 5: Security Training
Submit the Key Assignment Final Draft.
Analyze previous submissions, and make changes as necessary to the
final paper to be prepared this week.
Continue development of the Comprehensive Security Management Plan
with a training module for explaining the roles and security training
and behavioral needs for each.
