Instructions: Please provide a one page response to the following topic utilizing supporting documentation obtained from your textbooks and the Internet. Be sure to include an APA Reference Page with your reply.
Topic: Compare and Contrast various Business Continuity & Disaster Recovery Planning models.
I do not have the bandwidth to complete this assignment without your assistance. This assignment is an Executive memo that will be sent to non technical people about the who, what, when, where, why, and how of a security incident that occured at the company. The incident is a senior level employee committing an insider threat by stealing confidential business designs via P2P. I have attached the rubric for the assignment, a copy of my forensic report for the incident, school supplied forensic notes on the security breach and a copy of my investigative journal that was completed throughout the course. Thank you again.
Provide a full response to the exercise below. List all
assumptions used to discuss the case study. Provide evidence and instances from
the case study, along with real-world or makeup examples to support the argument:
This topic is strictly about Information Technology Project Management
Please use source the source attached.
1) Describe in detail, 12 planning processes that Moore Edition Books might have implemented for each of its projects. (use pages 106-107 Table 3-7, which states all planning processes. Other examples of planning processes are strategic planning SWOT pg 156, and Quality planning pg 332)
Project Management at Moore
Moore Edition Books is a publishing
firm started by Bret Moore and Jamie Kerr. At the start, Brett oversaw the publishing and printing of the
books, while Jamie managed editing, sales, and marketing for the company. The company introduced new, advanced technologies,
and some innovative & creative publishing techniques, which help them land
two large contracts and made them very profitable in their first two years of
In year three, the
business was contracted by a large university
to develop their eBooks. The company then hired several part-time
employees to help with the increased publishing business. But, by the end of that
third year, Moore Edition Books started experiencing several major problems, which resulted in a loss for the year.
The issues included:
• Ineffective employees due to poor
• Late delivery of the eBooks to the
• Additional money and time spent fixing
product defects due to poor quality
• Failed control cost measures
The issues at Moore Edition Books did
not improve. As new resources were hired, business continued to drop. Several
projects failed due to poor estimates. The university customer was unhappy as
their eBooks were delivered two or three weeks late for the start of the
Moore Edition Books hired a full-time
project manager, Alison Lee, to help them address the challenges the company
was facing, especially problems with their projects. In meeting with Alison,
Brett and Jamie outlined the problems they were having both with their projects and
operations. Brett and Jamie recognized that Alison was a certified
project management professional, had great interpersonal skills, detail-oriented, and an excellent communicator. All
skills that they think make her a perfect fit for the company and the
Upon her initial assessment, Alison
noted that Moore Edition Books lacked a disciplined project management approach.
She observed that projects were being completed with a project plan in place,
they did not use any project software for managing and tracking the project. The
project teams did not use any project management tools, techniques, standards,
or best practices in some key activities. Management had no standard process to
manage critical project areas.
Within three months, Alison implemented formal project management
processes, created a PM manual, and trained the project teams on the processes
and procedures. Alison got all
projects back on track and things moving in a positive direction.
This assignment builds upon your previous two assignments, so the framework should be based on your choice of industries: aerospace, healthcare, or government agencies.
You must include the following information in your assignment:
a title page containing the company name and your name;
the contents of the security framework, which should include at least 12 control identifiers (ID) with family notation of your choice and should include whether the control identifier is of low risk, moderate risk, or high risk impact;
a gap analysis including a minimum of three controls for ID; and
a reference page that must contain at least three references.
Your security framework must be at least one page in length, not including the title page and references page. This security framework will be added to your outline to produce a completed project at the end of the course. (Hint: Be sure to read your Study Guide.) Adhere to APA Style when creating citations and references for this assignment. APA formatting, however, is not necessary.
Congratulations on your new contract with Happy Accident Labs – “Our motto is: Smarticle Particles for Better Living”. See the scenario (Course Materials on left side menu) for information about the company and the tasks they would like you to complete. Each module you will document your penetration test activities which will be finalized in a penetration test report in the last module of the course. Be sure to go back and address any comments your professor provides so your report will get better as you progress through the term.
For this module, you will start your report. Based on what you know so far about Happy Accident Labs and your tasking you should produce:
A cover page
Begin the report index (this will be added to as the report grows)
Begin the executive summary completing
The project objectives
The scope of the project
The authorization sub-section which will include legal restrictions
The assumptions sub-section
For the legal restrictions research the local, state, and federal laws thath are in place governing penetration testing activities for Happy Accident labs.
Your paper should be at least two pages- 12 font, double spaced. Your paper must be uploaded in Microsoft Word or pdf format.
As a student, this case study should be of interest to you.
Read the case study titled “Gonzaga University Student” You must chose a side in this case either that of the student or that of Gonzaga University.
Do you feel that the University was justified in releasing the student’s records? Why or Why not?
You must cite resources to support your decision. This will take some research on your part. The resources that you cite must be peer-reviewed resources. Websites such as wikipedia.org will not work. Law journals, published articles, white papers, published books, and dissertations are credible resources. Please do not copy and paste entire paragraphs from these resources. MLA or APA citation is required for this assignment. Visit the following websites if you need help with MLA or APA citation.
Here’s a credible resource to get you started.
This week, your internship assignment takes you to the Corporate Security office, headed by the Chief Security Officer (CSO). This office has recently completed an investigation into how a competitor may have obtained copies of the confidential architectural drawings and design plans for a new type of resort that the company had planned for a recently acquired island property. At least one competitor is known to have received copies of the company’s intellectual property through an economic development office within its country’s government. It is suspected that an Advanced Persistent Threat mechanism may have been used to exfiltrate information from Padgett-Beale’s existing hotel property within that geo-political jurisdiction. Another competitor, also operating in that geographic area, contacted Padgett-Beale’s Corporate Security Office and disclosed that it had been sent URLs for web pages containing links to the resort plans by an unknown party. The other firm wanted to make it clear to Padgett-Beale that they did not condone nor participate in such illegal and unethical taking or receiving of another company’s intellectual property.
As part of the company’s response to this theft, the CSO’s office has been asked to prepare a background briefing for company’s executives that addresses the problem of protecting intellectual property stored in digital form. The briefing must include recommendations for best practices that the company’s executives should be adopting to prevent / respond to such thefts.
Begin by reading the attached readings. Then find additional information through your own research.
Write a summary of your research and analysis for review by the CSO’s senior staff. Your summary should begin by explaining the problem of intellectual property theft. Next, address the reasonable and customary processes and procedures which should be used to discourage or make it difficult for employees, managers, and executives to inadvertently misuse and/or steal the company’s intellectual property (at a minimum, you must address data classification and marking, separation of duties, and least privilege). You should also identify and explain three or more best practices which the company should implement as it responds to this growing problem. Your summary should be approximately 300 words. You may exceed this target but conciseness is valued.
Remember to list and cite your sources at the end of your research summary using a professional and consistent citation format (APA).
Reflection Paper (5 points, individual work). The value of reflecting on a completed exercise is to reinforce the learning objectives and ensure that you consider the merits of solving the problems contained in the exercise, rather than simply working towards submitting a series of deliverables. In this final paper, therefore, answer three questions: (a) describe one (or more) things you liked about the exercise, (b) describe one (or more) things you didn’t like about the exercise, or think of ways the exercise could be improved; and finally, (c) what do you think is the key issue at stake for any organization facing a ransomware attack? Note: If you fail to attend all of the project sessions you will forfeit all 5 points of the reflection paper.
My own writing, feel free to expand on these 3 points to make it a page:
This exercise taught me how to piece the evidence together and analyze them as a whole instead of rendering a verdict right after receiving one document. I like the process of approaching the case step by step and discussing it with my teammate.
However, there’s always one member that doesn’t participate nor contribute which makes the group project a little frustrating. I believe that participation is the key part of a group project.
I think the key issue at stake for any organization facing a ransomware attack is the trust of the stakeholders. If the company doesn’t have robust IT governance and has inadequate DRP in place, people will lose trust in the organization.
Project Name: Onboarding for entry level Technicians
Departments: Human Resources, IT Department
At our work, it was planned to make onboarding a priority for new employees. The process would be done online, since many of our workers telecommute. The plan was to set up the system, so new employees could provide their tax information, proof of citizenship, and other legal forms filed. Additionally, the project would include creating a new employee orientation and a handbook that could be saved and printed if the employee wanted to keep it. There was also specific department areas that would eventually be added to the system.
The entire system had to work with the current system and a few legacy programs that were employee databases. The project was to be planned, installed and upgrades done, and implemented within an eight-month period of time. The project costs were not to exceed the budgeted $53,000, as per the IT department estimates.
Schedule review report:
The planning was completed within six weeks, two weeks sooner than the time line for planning stage allowances. This was accomplished because most of the information from department heads and management were part of the original proposal. The upgrades were purchased as soon as the plan was approved and this turned out to be a good move. The upgrade programs were delivered within days and programmers hired to help with the system installation and implementation were beginning the work on the system within days rather than weeks. The system test of the upgrades went as planned with only some minor issues between the databases and the accounting systems, specifically payroll. The system testing had been announced and programmers gave each department potential problems they could look for so glitches were addressed quickly.
The new forms, database information, and new orientation program were then added to the system. This took longer than expected because the orientation had to have components for people with disabilities, namely voice and text to speech components that were not readily available and had to be modified. The visually impaired new hires were a concern since many of the jobs require some text to speech information as does the orientation. Of particular concern was the safety section of the orientation for the visually impaired. Testers had a problem with how to apply the speech component to the question and answer portion after the section completed. The time gained in the planning stage was used up in handling the issues. Fortunately, the IT chief had seen an applicable program that could be modified for visually impaired employees, helping to make sure the training for safety was consistent across the company.
The implementation was done in stages, first with those already employed going online and filing their new tax forms and providing personal information that automatically was updated in the employee databases. The financial departments tested the system for payroll and banking and found it working as planned. Finally, the system was introduced to the first set of new employees. Implementation went well for new hires and the company soon was able to expand their employee base to skilled individuals who did not live in the immediate area, allowing the company to expand its customer base as well.
The planning stage was the first step in the successful launch of the new system. It included not just what should be added, the costs expected, the budget, and the implementation schedule, but it also included the tests information and a list of potential problems that could occur based on the department and the end user. The list was modified as the system was installed to add other potential issues. Most of the potential issues did not happen, but those that did were discovered quickly because the plan included making people aware of the possibility of problems and who to contact to get them fixed quickly.
Testing of the banking part of the new system, including deposits and direct deposit was not the best part of the system upgrades and because the company did not like the complicated system and the time it took to work up deposits, the company had to find a different program that worked with a broader range of banks and financial systems to accommodate the various states and regions where new employees would be hired.
You are the Chief Information Security Officer (CISO) of a company
Read given scenario , then write some paragraphs based on the following:
List in the order of importance: risk
assessments, policies, metrics, and security strategy.
Discuss the relationship that risk assessments,
policies, metrics, and the security strategy play in the development of the information
3. Relate 5 privacy checklist items
See assignment attachment for scenario and detailed instructions