Developa 6- to 7-page manual using theSecurity Standards, Policies, and Procedures Templatewith recommendations to management of security standards, polices, and procedures which should be implemented

Grading Rubric

Importance of a security program 10% -

Excellent - Deliverables are insightful and exceptional in their understanding and application of concepts and principles of the importance of security policies, plans, and procedures. 85 - 100%

Satisfactory - Deliverables are clear and complete in their understanding and application of concepts and principles of the importance of security policies, plans, and procedures. 75 - 84%

Policies and Procedures 10% -

Excellent - Deliverables are insightful and exceptional in their understanding and application of concepts and principles of data classification, NDAs, strong authentication, acceptable use, separation of duties, training, and managing identified risk. 85 - 100%

Satisfactory - Deliverables are clear and complete in their understanding and application of concepts and principles of the importance of data classification, NDAs, strong authentication, acceptable use, separation of duties, training, and managing identified risk. 75 -84%

Compliance Examples 20% -

Excellent - Deliverables are insightful and exceptional in their understanding and application of concepts and principles of the HIPAA, the NIST Cybersecurity Framework, Sarbanes-Oxley, the GLBA, and the PCI DSS.85 - 100%

Satisfactory - Deliverables are clear and complete in their understanding and application of concepts and principles of the importance of the HIPAA, the NIST Cybersecurity Framework, Sarbanes-Oxley, the GLBA, and the PCI DSS. 75 - 84%

Incident Response 15% -

Excellent - Deliverables are insightful and exceptional in their understanding and application of concepts and principles of incident management preparation, identification, containment, eradication, recovery, and lessons learned (root cause analysis) 85 - 100%

Satisfactory - Deliverables are clear and complete in their understanding and application of concepts and principles of incident management preparation, identification, containment, eradication, recovery, and lessons learned (root cause analysis) 75 - 84%

Auditing 10% -

Excellent - Deliverables are insightful and exceptional in their understanding and application of concepts and principles of the security auditing process. 85 - 100%

Satisfactory - Deliverables are clear and complete in their understanding and application of concepts and principles of the security auditing process. 75 - 84%

Physical Security 15% -

Excellent - Deliverables are insightful and exceptional in their understanding and application of concepts and principles of environmental and physical security. 85 - 100%

Satisfactory- Deliverables are clear and complete in their understanding and application of concepts and principles of environmental and physical security. 75 - 84%

Administrative Policies and Procedures 10% -

Excellent - Deliverables are insightful and exceptional in their understanding and application of concepts and principles of administrative policies and procedures. 85 - 100%

Satisfactory - Deliverables are clear and complete in their understanding and application of concepts and principles of administrative policies and procedures. 75 - 84%

Configuration and Change Management 10% -

Excellent - Deliverables are insightful and exceptional in their understanding and application of concepts and principles of configuration and change management. 85 - 100%

Satisfactory - Deliverables are clear and complete in their understanding and application of concepts and principles of configuration and change management. 75 - 84%