CSIA 413 WK7 - IT security program management
CSIA 413 WK7
Prepare a two-page briefing paper (5 to 7 paragraphs) for the senior leadership and corporate board of Red Clay Renovations which addresses planning (what do we need to do?), programming (how will we do it?), and budgeting (how will we pay for it?) processes for IT security program management.
1. Use the company profile and enterprise architecture diagrams to identify five or more risks which require a financial investment. Financial investments should be categorized as: people investments, process investments, and/or technology investments.
2. Choose one of the four strategies for reducing the costs associated with responding to cyberattacks from the Rand report (A Framework for Programming and Budgeting for Cybersecurity):
- Minimize Exposure
- Neutralize Attacks
- Increase Resilience
- Accelerate Recovery
3. Discuss how your selected strategy (make it clear which strategy you selected) can be used in the planning (what do we need to do?) and programming (how will we do it?) phases of budget preparation to identify less costly solutions for implementing technical, operational, and management controls.