I need this work done perfectly. Who can do it? Contact me!
CYB-535-Assignment_Benchmark – Framework Findings and Recommendations
This assignment serves to benchmark competency 2.1: Establish a risk management framework using industry standards for compliance.
Based on an executive level report, deliver the findings of the Topic 4 “Demonstrating the Gap” assignment.
Include the following in your report (add sections to the template as needed):
1. An overview of why the report is being written
2. A paragraph description of the system
3. A paragraph outlining the framework governing the enterprise
4. Major gaps that were found
5. Remediation that is recommended
6. A high-level diagram that represents the current state of the system
7. An equal diagram depicting the proper end state
Refer to the “Security Assessment Report (SAR),” within the required readings. This resource provides detailed explanations of each section that should be included within the assessment report.
APA style is not required, but solid academic writing is expected.
Refer to the “System Security Assessment Report Template” and the “Framework Findings and Recommendations Scoring Guide,” prior to beginning the assignment to become familiar with the expectations for successful completion.
Attachments:
CYB-535-RS-SecurityAssessmentReportTemplate
CYB-535-RS-FrameworkFindingsRecommendations-ScoringGuide
CYB-535-TP5-StudyMaterials
Cyber Security Engineering: A Practical Approach for Systems and Software Assurance
Read Chapter 6 in Cyber Security Engineering: A Practical Approach for Systems and Software Assurance.
URL:
http://www.gcumedia.com/digital-resources/pearson/2016/cyber-security-engineering_a-practical-approach-for-systems-and-software-assurance_1e.php
Security Assessment Report (SAR)
Refer to the “Security Assessment Report (SAR)” when completing this week’s assignment. This resource provides detailed explanations of each section that should be included within a standard assessment report.
URL:
https://cbiit.cancer.gov/contractor-security-guidance/templates-and-forms/templates-and-forms
Establishing a Realistic BYOD Governance Policy
Read “Establishing a Realistic BYOD Governance Policy,” by Careless, from KM World (2013).
URL:
https://lopes.idm.oclc.org/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=aci&AN=84592158&site=ehost-live&scope=site
Nearly All Large Businesses Have a Cybersecurity Policy, but Is It Strong Enough?
Read “Nearly All Large Businesses Have a Cybersecurity Policy, but Is It Strong Enough?,” from Security: Solutions for Enterprise Security Leaders (2017).
URL:
https://lopes.idm.oclc.org/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=125470111&site=ehost-live&scope=site
Cybersecurity Capability Maturity Models for Providers of Critical Infrastructure
Read “Cybersecurity Capability Maturity Models for Providers of Critical Infrastructure,” by Miron and Muita, from Technology Innovation Management Review (2014).
URL:
https://timreview.ca/article/837
Acknowledging the “M” in MIS: Managing a Data Breach Crisis
Read “Acknowledging the “M” in MIS: Managing a Data Breach Crisis,” by Perri and Perri, from Journal of the Academy of Business Education (2018).
URL:
https://lopes.idm.oclc.org/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=128789375&site=ehost-live&scope=site
CyberSightings
Read “CyberSightings,” by Gaggioli, from Cyberpsychology, Behavior & Social Networking (2015).
URL:
https://lopes.idm.oclc.org/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=108329788&site=ehost-live&scope=site
Cyber Risk From a Chief Risk Officer Perspective
Read “Cyber Risk From a Chief Risk Officer Perspective,” by Grobler, from Journal of Risk Management in Financial Institutions (2018).
URL:
https://lopes.idm.oclc.org/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=128885445&site=ehost-live&scope=site
Critical Times for Organizations: What Should Be Done to Curb Workers’ Noncompliance With IS Security Policy Guidelines?
Read “Critical Times for Organizations: What Should Be Done to Curb Workers’ Noncompliance With IS Security Policy Guidelines?,” by Ifinedo, from Information Systems Management (2016).
URL:
https://lopes.idm.oclc.org/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=112574338&site=ehost-live&scope=site
Compliance Programs and IT: It’s Not a Turf War: If I Was an IT Department Head, I Would Have the Compliance Officer Tied to My Hip
Read “Compliance Programs and IT: It’s Not a Turf War: If I Was an IT Department Head, I Would Have the Compliance Officer Tied to My Hip,” by Snell, from Journal of Health Care Compliance (2017).
URL:
https://lopes.idm.oclc.org/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=127279931&site=ehost-live&scope=site
Framework Findings and Recommendations Scoring Guide
Performance Level Ratings
Meets Expectations: Performance consistently met expectations in all essential areas of the assignment criteria, at times possibly exceeding expectations, and the quality of work overall was very good. The most critical goals were met.
Near Expectations: Performance did not consistently meet expectations. Performance failed to meet expectations in one or more essential areas of the assignment, one or more of the most critical goals were not met.
Below Expectations: Performance was consistently below expectations in most essential areas of the assignment, reasonable progress toward critical goals was not made. Significant improvement is needed in one or more important areas.
Criteria / Earned
The student comprehensively presents an overview of why the report is being written.
0 pts – 6 pts / 7 pts – 9 pts / 10 pts
The student comprehensively presents a description of the system and the framework governing the enterprise. Subject knowledge is excellent.
The student clearly presents the results of the assessment with extensive details, including the major gaps found and recommended remediation.
0 pts – 13 pts / 14 pts – 19 pts / 20 pts
The student provides a detailed, high-level diagram that represents the current state of the system. The student uses appropriate graphic elements to make visual connections that contribute to the understanding of concepts and relationships.
The student provides an equal detailed diagram depicting the proper end state. The student uses appropriate graphic elements to make visual connections that contribute to the understanding of concepts and relationships.
Required components are present, including:
· Overview
· System Overview
· Assessment Methodology
· Security Assessment Results
· Non-Conforming Controls
· Authorization Recommendations
· Appropriate Diagrams and Screenshots
Prose is largely free of mechanical errors. The writer uses a variety of effective sentence structures, figures of speech, and industry terminology.
TOTAL: /100
Instructor Feedback
CYB-535 Security Assessment Report Template
System Assessment Report For: {System Name}
Version:
Date:
Prepared By:
Overview
Purpose
Scope
Applicable Laws and Regulations
The following laws and regulations are applicable:
Applicable Standards and Guidance
The following standards and guidance are applicable to the organization:
System Overview
System Name
General System Description and Purpose
Security Categorization
Assessment Methodology
Performed Tests
Identification of Vulnerabilities
Consideration of Threats
Performed Risk Analysis
Document Results
This section should include any relevant screenshots.
Security Assessment Results
Non-Conforming Controls
Authorization Recommendations
© 2018. Grand Canyon University. All Rights Reserved.