Some more writing help

Anonymous
Asked: Mar 9th, 2019
$20

Question Description

The Rookie Chief Information Security Officer

This assignment consists of five (5) parts:

Part 1: Organization Chart
Part 2: Request for Proposal (RFP) Plan
Part 3: Physical Security Plan
Part 4: Enterprise Information Security Compliance Program
Part 5: Risk Management Plan

Imagine that you have been recently promoted to serve as Chief Information Security Officer (CISO) for a Fortune 500 organization. This organization has known brand products across the world and expects top-secret methods for safeguarding proprietary information on its recipes and product lines. The Board of Directors request that their information security strategy be upgraded to allow greater opportunities of secure cloud collaboration between suppliers and resellers of their products. Another concern they have is the recent number of hacktivist attacks that have caused the network to fail across the enterprise. Their concern extends to making sure that they have controlled methods for accessing secured physical areas within their various regional facilities.

For your new position, you will be responsible for developing standards, methods, roles, and recommendations that will set the new IT security path for the organization. The existing organization has limited experience in supporting an enhanced level of IT security; therefore, you may need to outsource certain security services.

Additionally, you may create and / or assume all necessary assumptions needed for the completion of this assignment.

Write an eight to twelve (8-12) page paper in which you provide the following deliverables:

Part 1: Organization Chart

1. Use Visio or an Open Source alternative, such as Dia, to:
a. Create an organization chart in which you:
i. Illustrate the roles that will be required to ensure design, evaluation, implementation, and management of security programs for the organization.
ii. Within your organizational chart, clearly identify the reporting structure for roles such as IT Security Compliance Officer, Security Manager, CIO, CISO, IT Security Engineer, Privacy Security Professional, and IT Procurement Specialist.
iii. List the types of resources required to fulfill each forensic duty of the organization below each of the roles you identified.
iv. Align your organization chart to reflect the Department of Homeland Security (DHS) Essential Body of Knowledge’s three (3) areas of information security: physical security professional, privacy professional, and procurement professional. Provide comments and comparisons on how your organizational chart fosters these three (3) values.

Part 2: Request for Proposal (RFP) Plan

2. Develop a Request for Proposal (RFP) plan to solicit qualified vendors that could partner with your internal team to deliver optimum IT service delivery. The RFP Plan should contain qualifying criteria of potential vendors and the responsibilities of the vendor once the contract is awarded. As part of the plan, you must:
a. Describe at least two (2) perspectives that need to be closely monitored within the contract.
b. Give your perspective on at least two (2) methods that could be used to evaluate and develop a qualified trusted supplier list.

Part 3: Physical Security Plan

3. Recommend a physical security plan that could be used to protect sensitive areas such as telecom rooms, employee only areas, and manufacturing facilities in which you:
a. Include at least three (3) specific methods.

Part 4: Enterprise Information Security Compliance Program

4. Establish an enterprise information security compliance program that addresses the concerns of the board of directors of the organization in which you:
a. Describe specific plans and control objectives that could be adopted to address the known issues.
b. Suggest at least three (3) information security policies that could be developed and practiced within the organization for data security assurance.
c. Outline the steps you would take to define the security needs of the organization in terms of duties, staffing, training, and processes.

Part 5: Risk Management Plan

5. Develop a risk management plan in which you:
a. Describe at least three (3) possible risk management efforts that could be used to assess threats and unknown issues.
b. Determine why defining priorities is an important part of the process when enumerating and having efficient risk control measures.
c. Suggest specific technical and management controls that could be enacted in order to monitor risks accurately.

6. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Tutor Answer

PhileJonesTutor
School: UT Austin

kindly check

Running head: THE CHIEF INFORMATION SECURITY OFFICER

The Chief Information Officer
Student’s Name
Institution

The Rookie Chief Information Officer
Organizational chart

The roles
The CEO is the head of the whole organization. As a result, he plays an important role in
ensuring that there is success in the IT department. Budget is an issue and it continues to
generate interest as it increases with increasing threats. Therefore, it is important to have the
CEO in every step of the IT department structuring and to organize as a way of getting the
support of the whole organization including the board. The CIO and in some cases, the CISO
will report directly to the CEO.

The CIO
The CIO is the representative of the IT department in the role of the business growth through
ITR. The holder of this office acts as the bridge between the department and the other functions
in ensuring that there is a link and sealing any loopholes that may appear in the running of the
business. Additionally, as the head of the IT department, the office holder works to ensure that
any threats to the business are resolved in a timely manner. The other role of every business
function includes the development of a strategy that will ensure the achievement of the overall
goals. The IT department is not an exception. Since the CIO is the head, he pioneers in the
growth of a strategy which will support the realization of the general objective. Above all, the
CIO is the head of this department and thus supervises and is involved in the budgetary
allocation of different agencies which fall under this function. Similarly, the holder of this office
also liaises with the CISO in the preparation of the budget of this department. There is also the
supervisory role on those who fall in this department. CIO reports to the CEO of the organization
and will also sit in the board from time to time.
The Role of CISO
The holder is expected to offer guidance on several areas that concern the organization. In the
modern day of technology and connectivity, organizations are at increased risk of losing vital
information and intellectual property. Therefore, it is necessary to have measures in place that
secure such information from business competitors. The CISO helps in the development of
options which safeguard the intellectual property and other vital information of the company.
The security control of the technologies of an organization also falls under the umbrella of the
holder of this office. The holder works in conjunction with other concerned employees to
develop systems that are safe. At the same time, they develop a secure way of accessing
information from different employees in an organization. ...

Review

Anonymous
Tutor went the extra mile to help me with this essay. Citations were a bit shaky but I appreciated how well he handled APA styles and how ok he was to change them even though I didn't specify. Got a B+ which is believable and acceptable.
