Welcome to Week # 4. This week’s assignment will help you to fulfill the requirements for the fourth course objective (CO-4: Prepare a plan to design functions that encompass scoping a program or developing procedures, processes, and architectures that guide work execution at the program and/or system level). For this week’s assignment instructions, please see below:
See this Web Site: http://www.faulkner.com.ezproxy2.apus.edu/products/securitymgt and read the Geoff Keston article titled “Developing A Security Communications Plan”.
According to Keston (2013), “A mark of a mature security communications program is the shift away from one-time messages, such as ad hoc emails. Such messages are easily forgotten and are often hard to find after a few weeks. A good security communications plan will include sending updates and alerts as well as maintaining a repository of documentation. Creating such a repository (or a consolidated document) makes information easier to find, and it helps to link together disparate elements into a unified plan.”
For the purpose of this assignment, you are tasked as the Cybersecurity Director to prepare a Security Communications Plan for execution at the program level. You are to develop a security communications plan for your organization that addresses the handling of all communications related to security. Follow the requirements below:
4 – 6 Pages in length in APA format (not including a cover page and reference section)
Develop a comprehensive security plan that does the following:
Identify archiving procedures
Establish approval processes for sending communications
Describe legal and regulatory requirements
Define key terms
Define severity levels and message types
Using the definitions of severity levels and message types, diagram who receives messages and through what means they receive them (e.g., text messages)
The plan will address the concerns of many constituents, including executives, IT staff members, and end users, as well as customers and partners. Each group has somewhat different needs, so it is helpful to structure a plan to protect sensitive information from the entire group and to make targeted information easy for its audience to find.