430W4JMEnterpriseSecurityProgram.docx

430 W4 JM Enterprise Security Program

Assessment Description

Students have evaluated the various laws, compliance standards, secure configurations, and policies that organizations must apply to meet business needs and customer expectations, achieving both a level of trust and a competitive advantage. This week's topic will enhance the knowledge learned by considering the holistic views of security within the corporate environment in regard to establishing a security program and communicating the strategy/roadmap to leadership.

Write a four to five-page paper describing the components necessary for a comprehensive security program for your corporate profile scenario, selected previously. The paper should include:

1. An executive summary (introduction paragraph) and a closing statement (closing paragraph) that provide the purpose and justification for the elements presented (consider recent events, lack of awareness, loss of finances, reduced competitive advantage, proactive vs. reactive, etc.).

2. The paper must include at least 10 main elements of a security program (minimum 75 words per component). Examples include: Security Awareness Program, Incident Management, Disaster Recovery, Risk Management Program, Provisioning Process, Identity and Access Management (IAM), Security Operations Center, Security Engineering, Policy Management, etc.

3. Provide a header for each main element and a paragraph describing the purpose, associated technologies, and best practices for implementation and communication. For example, describe why security awareness training is important, how to implement it throughout your organization, what technology can be leveraged to increase awareness, etc.

4. Identify which fundamental security design principles are in play, how they interrelate, and methods in which they should be applied to develop systems worthy of trust.

Company name is “Across the States Bank”. I have attached last week’s work for your reference.