One of the most important aspects of information assurance is ensuring that proper policies and procedures are established within an organization.
Without proper policies and procedures, there would be no order. By implementing appropriate statements of policy and developing effective procedures, IT administrators ensure that incidents can be appropriately responded to, and that individuals within the organization understand their roles within the information assurance plan. Individuals in an organization would not be able to adequately understand their roles without the establishment of these statements of policy.
Prompt
In Module Seven, you will submit your plan pertaining to statements of policy. You will establish protocols and mitigating factors to the organization. Justify how the disaster response protocols will mitigate the threats to and vulnerabilities of the organization. You will focus on disaster and incident response protocols as well as access control. Assess your proposed method for maintaining the success of the plan going forward. Justify how your method will ensure the ongoing effectiveness of the information assurance plan.
Specifically, the following critical elements must be addressed:
Statements of Policy
Develop appropriate incident response protocols to respond to the various threats and vulnerabilities identified within the organization.
Justify how the incident response protocols will mitigate the threats to and vulnerabilities of the organization. Support your justification with information assurance research and best practices.
Develop appropriate disaster response protocols to respond to the various threats and vulnerabilities identified within the organization.
Justify how the disaster response protocols will mitigate the threats to and vulnerabilities of the organization. Support your justification with information assurance research and best practices.
Develop appropriate access control protocols that provide an appropriate amount of protection while allowing users to continue to operate without denial of service.
Justify your access control protocols. Support your justification with information assurance research and best practices.
Recommend a method for maintaining the information assurance plan once it has been established.
Justify how your maintenance plan will ensure the ongoing effectiveness of the information assurance plan. Support your justification with information assurance research and best practices.
What to Submit
Your paper must be submitted as a three- to four-page Microsoft Word document with double spacing, 12-point Times New Roman font, one-inch margins, and at least three sources cited in APA format.
Milestone Four Rubric
Criteria Proficient (100%) Needs Improvement (75%) Not Evident (0%)
Value
Incident Response Protocols Develops appropriate incident response protocols to respond to the various threats and vulnerabilities identified
Develops incident response protocols to respond to the various threats and vulnerabilities identified, but they are not all appropriate or do not respond to all the threats and vulnerabilities Does not develop incident response protocols 12
Justification of Incident Response Protocols Logically justifies how the incident response protocols will mitigate the threats to and vulnerabilities of the organization with support from information assurance research and best practices Justifies how the incident response protocols will mitigate the threats to and vulnerabilities of the organization with minimal support from information assurance research and best practices, or justification is illogical Does not justify how the incident response protocols will mitigate the threats to and vulnerabilities of the organization 12
Disaster Response Protocols Develops appropriate disaster response protocols to respond to the various threats and vulnerabilities identified Develops disaster response protocols to respond to the various threats and vulnerabilities identified, but they are not all appropriate or do not respond to all the threats and vulnerabilities Does not develop disaster response protocols 12
Justification of Disaster Response Protocols Logically justifies how the disaster response protocols will mitigate the threats to and vulnerabilities of the organization with support from information assurance research and best practices Justifies how the disaster response protocols will mitigate the threats to and vulnerabilities of the organization with minimal support from information assurance research and best practices, or justification is illogical Does not justify how the disaster response protocols will mitigate the threats to and vulnerabilities of the organization 12
Access Control Protocols Develops appropriate access control protocols that provide an appropriate amount of protection while allowing users to continue to operate without denial of service Develops access control protocols, but they do not provide an appropriate amount of protection while allowing users to continue to operate without denial of service Does not develop access control protocols 12
Justification of Access Control Protocols Logically justifies the access control protocols with support from information assurance research and best practices Justifies the access control protocols with minimal support from information assurance research and best practices, or justification is illogical Does not justify the access control protocols 12
Method for Maintaining the Information Assurance Plan Recommends a comprehensive method for maintaining the information assurance plan once it has been established Recommends a method for maintaining the information assurance plan once it has been established but recommendations are not fully developed Does not recommend a method for maintaining the information assurance plan once it has been established 12
Justification of Maintenance Plan Logically justifies how the maintenance plan will ensure the ongoing effectiveness of the information assurance plan with support from information assurance research and best practices Justifies how the maintenance plan will ensure the ongoing effectiveness of the information assurance plan with minimal support from information assurance research and best practices, or justification is illogical Does not justify how the maintenance plan will ensure the ongoing effectiveness of the information assurance plan 12
Articulation of Response Submission has no major errors related to citations, grammar, spelling, syntax, or organization Submission has major errors related to citations, grammar, spelling, syntax, or organization that negatively impact readability and articulation of main ideas Submission has critical errors related to citations, grammar, spelling, syntax, or organization that prevent understanding of ideas 4
Total: 100%
