Security management program that follows the 5-phase risk management process

Create a security management program that follows the 5-phase risk management process: “Plan|Protect|Detect|Respond|Adjust.”
Think of an organization that needs to develop a security management program based on these 5 steps. You could draw on your experience of a factual company that you have worked for or currently work for. Otherwise, think hypothetically of an organization in any industry of your choice, and create a security management program for the organization. You will need to make some assumptions if your security management program is not based on an actual organization.
Create the Plan Section
For this assignment, create the Plan section of your report. This section addresses the following:
• Cyber asset inventory and environment characterization
• Risk assessment and risk management strategy
• Governance and organization structure
Remember that responsibilities for conducting an effective cyber risk assessment are distributed at three levels: (1) Executive Leadership; (2) Business Management and (3) Systems Management.
Plan Section Requirements
Include the following information:

1. The scope of the program showing the physical / logical boundaries and business processes within this scope.
2. At least one goal /objective of the security program.
3. An asset inventory describing at least three assets that need to be protected.
4. At least one risk associated with each asset.
5. Two security metrics associated with each asset (one current and one projected).
6. An organization chart showing the security roles and responsibilities.
   Submit your work as an APA-formatted Word document.
   Tasks
7. Follow the directions in the overview to write the Plan section of your report.
8. Submit your work.

Sample Solution