OBJECTIVE
6
Research, document, test and evaluate Industry information security based threats, risks, malicious activities, covert methodology, encryption technologies, mitigation techniques or unconventional tactics to prevent loss of sensitive information and data confidentiality, integrity and availability.
REPORT 1
You will be creating an INFOSEC Implementation Plan based on the SP or FIPS of your choosing. Do not summarize the reading. I want to see your opinions, interpretations, examples, views and/or recommendations.
REPORT 2
-
Summarize information system and network security requirements that your chosen business/organization would have to perform in order to be compliant with the Federal Information Security Management Act (FISMA) and the Sarbanes-Oxley Act (SOX).
-
Recommend a strategy that would help bring your sponsor organization/business to follow in order to come into compliance with the Federal Information Security Management Act (FISMA) and the Sarbanes-Oxley Act (SOX). (Note: if they are already in compliance, detail what strategies were used to bring them into compliance).
-
Your responses should include whether or not FISMA and SOX are considered external/internal compliance requirements, and whether or not they are considered implicit or explicit and why.
REPORT 3
Choose one of the following Security Frameworks:
-
ISO Family (27001,17799, 20000)
-
FISMA
-
ITIL
-
COBIT
-
CMMI
-
OCTAVE
Research the background (history), information of the governing body, and provide guidance as to the strengths and weaknesses of the framework. Write a 500- to 750-word (2- 3 pages) essay. Discuss the topic fully and relate it back to this week’s readings. Include an introduction and a conclusion. Format your paper consistent with APA guidelines. This should include an abstract, and inline citations.