IT 552

IT 552 Milestone One Guidelines and Rubric

The final project for this course is the creation of a security awareness program proposal. In Module Two, you will take the first step in completing this project by creating the introduction section of your proposal. Begin by reviewing the Case Document, which will provide you with information about the organization for which you are creating the security awareness program proposal. Then, based on the scenario provided in the Case Document, write an introduction to your proposal that addresses the concerns of the chief executive officer and explains why the security awareness proposal will be vital to the organization. Specifically, the following critical elements must be addressed:

 What is the purpose of your proposal? Why is the new security awareness program vital for the organization? Use specific examples to illustrate your claims.

 Overall, how would you characterize the security posture of the organization? What were the major findings in your risk assessment of the organization’s current security awareness policies, practices, and processes?

 Specifically, are there human factors that adversely affect the security climate within the organization? If so, how? Be sure to consider unintentional and intentional threats to a healthy security culture.

 Specifically, are there organizational factors that contribute to an unhealthy security culture in the organization? If so, how? Be sure to consider organizational data flow, work setting, work planning and control, and employee readiness.

Guidelines for Submission: Your paper must be submitted as a two- to four-page Word document with double spacing, 12-point Times New Roman font, and one-inch margins, in APA format.

Critical Elements Exemplary (100%) Proficient (90%) Needs Improvement (70%) Not Evident (0%) Value

Purpose

Meets “Proficient” criteria and demonstrates evidence-based perspective on the significance of security awareness programs

Illustrates the purpose of the proposal using specific examples that demonstrate why the program is vital for the organization

The purpose of the proposal is minimally addressed

Does not describe the purpose of the proposal

20

Security Posture

Meets “Proficient” criteria and demonstrates perspective in the evaluation of the overall security posture using specific findings from the risk assessment

Makes a justifiable claim about the overall security posture of the organization

Insufficiently makes a claim about the overall security posture of the organization

Does not make a claim about the overall security posture of the organization

20

Human Factors

Meets “Proficient” criteria substantiated with examples of relevant unintentional and intentional threats

Identifies specific human factors that adversely affect the security climate and illustrates their impact

Insufficiently identifies specific human factors that adversely affect the security climate and illustrates their impact

Does not identify human factors that adversely affect the security climate

20

Organizational Factors

Meets “Proficient” criteria substantiated with relevant examples of data flow, work setting, work planning and control, and employee readiness

Identifies organizational factors that contribute to an unhealthy security culture

Minimally identifies organizational factors that contribute to an unhealthy security culture

Does not identify organizational factors that contribute to an unhealthy security culture

20

Articulation of Response

Submission is free of errors related to citations, grammar, spelling, syntax, and is presented in a professional and easy-to-read format

Submission has no major errors related to citations, grammar, spelling, or syntax

Submission has major errors related to citations, grammar, spelling, syntax, or organization that negatively impact readability and articulation of main ideas

Submission has critical errors related to citations, grammar, spelling, syntax, or organization that prevent the understanding of ideas

20

Earned Total 100%