Gap Analysis Plan Outline
Learning Objectives and Outcomes
You will learn about the process of performing an information technology (IT) security compliance and governance gap analysis.
Assignment Requirements
In this assignment, you will be given a Request for Proposal (RFP) that includes a current IT policy framework description and a complete technical description of what is needed. You are required to prepare a project plan that defines the tasks necessary to perform a security compliance and governance gap analysis. You should include tasks, resources, cost estimates, and time estimates in the project plan.
You will be graded on your ability to break the IT security compliance and governance gap analysis process into manageable parts and then organize them into a project plan. Students who produce a project plan with task details for all necessary tasks in an IT security compliance and governance gap analysis should receive a full grade.
Required Resources
RFP
Worksheet: Project Plan IT Security Compliance and Governance Gap Analysis
Submission Requirements
Format: Microsoft Word
Font: Arial, Size 12, Double-Space
Citation Style: Chicago Manual of Style
Length: 1–2 pages
Self-Assessment Checklist
I have prepared a project plan that defines the tasks necessary to perform a security compliance and governance gap analysis.
I have included tasks, resources, cost estimates, and time estimates in the project plan.
© ITT Educational Services
IS427: Unit 3 Project Plan
IT Security Compliance and Governance Gap Analysis Worksheet
Instructions: Given a Request for Proposal (RFP) that includes a current information technology (IT) policy framework description and a security gaps analysis report, prepare a project plan that defines the tasks necessary to identify privacy data and related gaps and recommend mitigation actions for each gap.
You should include tasks, resources, cost estimates, and time estimates in the project plan.
Task Number | Task Description | Required Resources | Cost | Duration