Cybersecurity Implementation Plan
Business Context / Use of Scenario
Implementation plan clearly, concisely, and accurately incorporated information about the designated business context and scenario information as presented in the course readings. No evidence present indicating use of previous course scenarios.
Introduction or Overview for the Implementation Plan for Security Strategy (for Designated Company)
Provided an excellent overview of the implementation plan. The introduction was clear, concise, and accurate. Writer appropriately used information from 3 or more authoritative sources
Goals & Objectives for Implementation Plan (for Designated Company)
Clearly identified (a) 3 or more business goals and objectives and (b) 3 or more project goals and objectives. Explanation of goals established the relationship between the security strategy for the designated company (project #1) and this project. Goals and objectives were stated in a clear, concise, and accurate manner. Appropriately used information from 3 or more authoritative
Scope, Assumptions, & Constraints for Implementation Plan (for designated company)
Provided an excellent analysis of the scope for the implementation project (including explanation of items that are beyond the scope). Clearly and concisely listed 6 or more assumptions (2), constraints (2), and barriers to success (2). Appropriately used information from 3 or more authoritative sources.
Project Management Plan (People, Processes, Technologies)
Provided an excellent description of the project management plan supporting implementation of the security strategy. Clearly and concisely identified and described the required management and monitoring structures using the people, processes, and technologies framework. Appropriately used information from 3 or more authoritative sources.
Strategy Implementation
Provided an excellent documentation package detailing the security controls required to implement the strategy. Provided a phased implementation schedule with timeline diagram using the System Development Lifecycle (SDLC) gates/phases and including milestones and resources required for each phase (people, money). Narrative documentation was clear, concise, and accurate. Appropriately used information from 3 or more authoritative sources.
Enterprise IT Architecture (for the designated company)
Provided an excellent documentation package detailing the hardware, software, network infrastructure, and cybersecurity defenses required to implement the cybersecurity strategy. Narrative documentation of the architecture was clear, concise, and accurate. Provided an updated Network Diagram showing the to-be state of the IT infrastructure including all mitigating or “control” technologies (e.g. firewalls, IDPS, DMZ, etc.). Appropriately used information from 3 or more authoritative sources.
