Information Security Plan Isp Acting As An Information Security Consultant For Vpp 2691253

CSCI315 Project Guidelines – Project Use the following scenario to complete the indicated tasks. Scenario: • Over the last 14 weeks of the course, you have acted as an information security consultant for VPP. In this capacity, you have developed various components of an information security plan for a client. • You have completed your VPP assignment and have now moved to your second assignment, Foothills College of the Upstate (FCU). • FCU is a new college and seeks to develop a robust information security plan (ISP), but it does not have the internal expertise to do so by itself. Hence, FCU has hired your employer, USCU-IT. You successfully helped VPP and therefore have been assigned as the head of the FCU effort. • FCU envisions itself as an online college. All courses and degree programs will be delivered online. All administrative and academic functions will be accomplished by a cadre of full time administrators and faculty. • FCU is continuing to hire key personnel, but a cadre of key administrators are already in place. • All administrative functions, student records, registration, and course delivery will be accomplished via the Internet. • Over the last 14 weeks, you have met multiple times with the key members of the FCU formulation committee. You have gained a good understanding of the proposed operations of the college. You are now preparing a proposed information security plan for the college. FCU Information Security Plan (ISP) Requirements: • The ISP must be in Word docx format. • The ISP file must be named FCUISP.docx. • There is not a minimum or maximum length to the document, but the primary criteria is that each topic must be thoroughly discussed. Short one or two sentences will not be sufficient. • The ISP should be double-spaced and use the Times New Roman, 12-point font. • The ISP should be formatted to make the document visually appealing. • The ISP should contain a client perspective. Do not discuss topics in the abstract, but always tie each topic back to FCU. The main emphasis is how an ISP will affect FCU. • Merely duplicating your answers to previous weekly requirements will not be acceptable. Students should build on what they have previously learned and should demonstrate what they have learned in the course. • Students that do not demonstrate a good understanding of an ISP and how to manage information security will receive unsatisfactory scores. As the final project will significantly impact the final course outcome, students are encouraged to make their best effort. • The ISP must contain the following sections. Each section should be thoroughly discussed. Each section should be headed with the section names as indicated below and using the Bold style. o Sections: o Executive Summary: ? Recap the important parts of the ISP. ? An executive summary is normally no more than two pages. ? An executive summary is not an introduction. ? An executive summary should be written last, but be placed first in a document. ? The following link provides an overview of what an executive summary is. o Importance of having an information security plan: Explain to FCU why they should invest in an ISP. o Compliance – Law and Ethics: ? Explain to FCU why it is important stay in compliance with laws including ramifications of noncompliance. ? Explain to FCU why it is important for FCU to conduct its operations in an ethical manner. ? Discuss the three categories of unethical behavior. o Risk Management: ? Explain to FCU how risks can be identified and assessed. ? Identify the risks faced by FCU. ? Explain to FCU how risks can be controlled. • Be sure to include a discussion of cost-benefit analysis. • Identify and discuss five risk control strategies. o Contingencies: ? Discuss how FCU should respond to security incidents. ? Discuss how FCU should recover from a security disaster. o Protection Mechanisms: ? Identify and explain to FCU the three types of authentication mechanisms. ? Identify and explain to FCU the three means by which an intrusion can be prevented from succeeding. • Only the textbook should be used as a reference. Use of outside references is not allowed. • Only one submission will be accepted. Be sure your first submission is correct and represents your best efforts. • As the client is a college, be sure correct grammar is used and no misspellings are present. Upon completion, submit the FCUISP.docx file via the Blackboard assignment submission feature in the Week 15 folder. The project is due in accordance with the Course Schedule. As indicated in the Course Schedule, the project may be submitted up to one day late with a 10-point penalty. A project will not be accepted after the late period. Students that submit an acceptable project early will be awarded extra-credit final-average points as shown below. An acceptable project as defined as earning a score of 70 or higher. No extra credit will be awarded to a project earning a score below 70. Days early: Points: 5 5 4 4 3 3 2 2 1 1 Due Date 0