Project Case Study

Project Case Study CSIA 485 Project #1 Detailed Assignment Description Read the Case Study posted for this assignment. Determine the information technology/security gaps and develop a security strategy that includes issues relating to confidentiality, integrity, and availability (CIA), and that includes the key elements relative to People, Process, and Technology. Step 1: Describe the key issues/challenges/risks from this case study. Step 2: Based on the information provided in the case study, describe and document the recommended security strategy to mitigate the issues/challenges identified. Step 3: Describe the proposed security solutions and relationship to the case study. Step 4: Document a detailed, proposed timeline for addressing each element of the strategy that you identify. Provide estimates for implementing recommended strategies, with rationale. Include what resources are necessary for completing each task in the timeline. Step 5: Provide a high-level recommendation regarding the next steps to take in mitigating risks identified. The deliverable for this case study assignment will be a minimum 5 page, double-spaced paper using Times New Roman 12 font and APA style formatting for citations and references. It will also include a minimum of 5 references. The Title/Cover page, illustrations (tables/charts/graphs), or references are not part of the page count but are required for the assignment. The grading rubric provides additional details as to what should be included in the paper. See grading rubric below. Rubric Name: Project 1: Case Study Security and Technology Issues    Level 5    Level 4    Level 3    Level 2    Level 1 Technology Issues    10 points Identifies at least 10 security or technology issues based on the case study.    8 points Identifies at least 8 security or technology issues based on the case study.    6 points Identifies at least 6 security or technology issues based on the case study.    3 points Identifies at least 3 security or technology issues based on the case study.    0 points Doesn’t identify any security or technology issues based on the case study. Security Issues    10 points Clearly describes and relates information security and other technology issues to confidentiality, integrity and availability (CIA). Synthesizes and applies material and document relationships.    8 points Basically describes and relates information security and other technology issues to confidentiality, integrity and availability (CIA). Synthesizes and applies some material and document relationships.    6 points Weakly describes and relates information security and other technology issues to confidentiality, integrity and availability (CIA). Some synthesizing and application or applies material and document relationships.    3 points Little description and relating information security and other technology issues to confidentiality, integrity and availability (CIA). Little synthesizing or application of material and document relationships.    0 points No description or relationship of information security or other technology issues to confidentiality, integrity and availability (CIA). Doesn’t synthesize or  apply material and document relationships. Risks and Challengess    Level 5    Level 4    Level 3    Level 2    Level 1 ID Risks and Challenges    5 points Clearly identifies and articulates the risks and challenges from the case study. Links all risks to technologies identified.    4 points Basically identifies and articulates the risks and challenges from the case study. Links most risks to technologies identified.    2 points Weakly identifies and articulates the risks and challenges from the case study. Links few risks to technologies identified.    1 point Little identification or articulation of the risks and challenges from the case study. May not link any risks to technologies identified.    0 points No identification or articulation of the risks and challenges from the case study. No links of risks to technologies identified. Apply Risk ID    10 points Synthesizes and applies risk identification and challenges. Derives new paradigms appropriately based on research and lessons learned.    8 points Basically synthesizes and applies risk identification and challenges. Derives some new paradigms appropriately based on research and lessons learned.    6 points Weakly synthesizes and applies risk identification and challenges. Derives few new paradigms appropriately based on research or lessons learned.    3 points Little synthesis or application of risk identification or challenges. Derives little new paradigms appropriately based on research and lessons learned.    0 points No synthesis or application of risk identification or challenges. No new paradigms based on research or lessons learned. Security Strategy    Level 5    Level 4    Level 3    Level 2    Level 1 Define Strategy    5 points Each defined strategy solution clearly mitigate the risk or issue.    4 points Most defined strategy solutions basically mitigate the risk or issue.    2 points Defined strategy solutions weakly mitigate the risk or issue.    1 point Little defined strategy solutions mitigate the risk or issue.    1 point No defined strategy solutions that will mitigate any risk or issue. Relate Solutions    10 points Clearly identifies security solutions that consist of people, processes and technologies that relate to the risks. Covers all three requirements.    8 points Basically identifies security solutions that consist of people, processes and technologies that relate to the risks. Covers at least two of the three requirements.    6 points Weakly identifies security solutions that consist of people, processes and technologies that relate to the risks. Covers at least one of the requirements.    3 points Little identification of security solutions that consist of people, processes or technologies that relate to the risks.  May not cover one of the requirements.    0 points Doesn’t identify security solutions that consist of people, processes or technologies that relate to the risks. Doesn’t cover any of the three requirements. Link Solutions    5 points Clearly describes the linkage between each solution and the steps in the case study.    4 points Basically describes the linkage between each solution and the steps in the case study.    2 points Weakly describes the linkage between each solution and the steps in the case study.    1 point Little description of the linkage between each solution or the steps in the case study.    0 points No description of any linkage between each solution or steps in the case study. Timeline    Level 5    Level 4    Level 3    Level 2    Level 1 Defines Tasks    5 points Clear and detailed timeline that summarizes at least 10 of the technology solutions being recommended. Includes clear and defined tasks for each solution.     4 points Basic and descriptive timeline. Summarizes at least 8 of the solutions being recommended. Includes basic and descriptive tasks for most solutions.     2 points Weak and poorly detailed timeline. Summarizes at least 6 of the solutions recommended. Includes weak and poorly defined tasks for some solutions.    1 point Little defined timeline. Summarizes at least 3 solutions being recommended. May miss clear and defined tasks for some solutions.     0 points No sufficient details in timeline. No summary of solutions being recommended. No clear and defined tasks for each solution. Prioritize Tasks    5 points Major tasks are clearly prioritized according their importance to mitigating the risks and issues found.    4 points Major tasks basically prioritized according their importance to mitigating the risks or issues found.    2 points Major tasks weakly prioritized according their importance to mitigating the risks and issues found.    1 point Few tasks prioritized according their importance to mitigating the risks or issues found.    0 points No tasks prioritized according their importance to mitigating the risks or issues found. Define Resources    5 points Clearly defined people resources (by type) that support each task in the timeline.    4 points Basically defined people resources (by type) that support each task in the timeline.    2 points Weakly defined people resources (by type) that support each task in the timeline.    1 point Little defined people resources (by type) that support each task in the timeline.    0 points No defined people resources (by type) that support each task in the timeline. Remediation Plan    Level 5    Level 4    Level 3    Level 2    Level 1 Mitigation    5 points Clearly describes and discusses high level plans that mitigate all technology issues identified. Provides clear detail and rationale to mitigate issues identified.    4 points Basically describes and discusses high level plans that mitigate all technology issues identified. Provides clear detail and rationale to mitigate issues identified.    2 points Weakly describes and discusses high level plans that mitigate all technology issues identified. Provides clear detail and rationale to mitigate issues identified.    1 point Little description or discussion of high level plans that mitigate all technology issues identified. Provides clear detail and rationale to mitigate issues identified.    0 points No description or discussion of high level plans that mitigate all technology issues identified. No detail or rationale to mitigate issues identified. Next Steps    5 points Clearly describes next steps that must be taken to resolve all issues identified.    4 points Basically describes next steps that must be taken to resolve all issues identified.    2 points Weakly describes next steps that must be taken to resolve all issues identified.    1 point Little description of next steps that may be taken to resolve some issues identified.    0 points Doesn’t describe next steps that must be taken to resolve all issues identified. Finds and Applies Knowledge    Level 5    Level 4    Level 3    Level 2    Level 1 Use of Authoritative Sources    5 points Used at least 5 authoritative or scholarly sources in paper. No APA style errors in sources.    4 points Used at least 3 authoritative or scholarly sources in paper. No more than 1 APA errors in sources.    3 points Used at least 2 authoritative or scholarly sources in paper. No more than 2 APA errors in sources.    1 point May have used 1 authoritative or scholarly source in paper. May not have used APA style formatting.    0 points No authoritative or scholarly sources used in paper. Citation of Sources    5 points All sources cited. No errors in citing material in paper.    4 points All but 1 source cited. Had no more than 5 citing errors in paper.    2 points All but 2 sources cited. Had no more than 10 citing errors in paper.    1 point All but 3 sources cited. Had less than 15 APA citing errors in paper.    0 points No sources cited or had more than 15 APA citing errors in paper. Organization, Execution and Appearance    Level 5    Level 4    Level 3    Level 2    Level 1 Formatting    5 points Prepared MS Word document, used consistent formatting, section subheadings, submitted one file, used instructor provided template, correct coversheet and separate reference page and meets minimum page count of 5 pages.    4 points MS Word document didn’t follow up to two (2) of the following: used consistent formatting, section subheadings, submitted one file, used instructor provided template, correct coversheet and separate reference page and meets minimum page count of 5 pages.     2 points MS Word document didn’t follow up to four (4) of the following: used consistent formatting, section subheadings, submitted one file, used instructor provided template, correct coversheet and separate reference page and meets minimum page count of 5 pages.     1 point MS Word document followed only one (1) of the following: used consistent formatting, section subheadings, submitted one file, used instructor provided template, correct coversheet and separate reference page and meets minimum page count of 5 pages.     0 points Non MS Word document didn’t any of the following: used consistent formatting, section subheadings, submitted one file, used instructor provided template, correct coversheet and separate reference page and meets minimum page count of 5 pages. Grammar and Punctuation    5 points No grammar errors, use of first/second person, spelling or punctuation errors.    4 points Less than 5 grammar errors, use of first/second person, spelling or punctuation errors.     2 points Less than 10 grammar errors, use of first/second person, spelling or punctuation errors.     1 point Less than 15 grammar errors, use of first/second person, spelling or punctuation errors.    0 points More than 15 grammar errors, use of first/second person, spelling or punctuation errors. Overall Score    Level 5 4 or more    Level 4 3 or more    Level 3 2 or more    Level 2 1 or more    Level 1 0 or more