Project 1 - Employee Handbook (IT Security)

profileMicken2022
Project2CSIA413Instructions.docx

Project 2 - Manager's Deskbook (IT Security)

Top of Form

Hide Assignment Information

Instructions

Download the attached  detailed assignment description for this project. You should also review the rubric shown below for additional information about the requirements for the project and how your work will be graded. Please make sure that you use both the assignment description file AND the rubric when completing your work.

Attachments

CSIA 413 Project #2 Managers Deskbook v2022.docx  (59.66 KB)

Download All Files

Hide Rubrics

Rubric Name: Project 2: Manager's Deskbook

Print

Executive Summary

Excellent

Outstanding

Acceptable

Needs Improvement

Needs Significant Improvement

Missing or Unacceptable

Criterion Score

Executive Summary for the Policy Briefing Package

12 points

The Executive Summary provided an excellent summary of the policy package's purpose and contents. Information about the case study company was well integrated into the summary. Each policy was individually introduced and clearly explained. The material was well organized and easy to read.

10.2 points

The Executive Summary provided an outstanding summary of the policy package's purpose and contents. Information about the case study company was integrated into the summary. Each policy in the briefing package was individually introduced and briefly explained. The material was well organized and easy to read.

8.4 points

The Executive Summary provided an acceptable overview of the contents of the policy package. Information about the case study company was used in the summary. Each policy in the briefing package was named and briefly explained.

7.2 points

The Executive Summary provided an overview of the policy package. Information about the case study company was mentioned.

4.8 points

An executive summary was provided but lacked details as to the purpose and contents of the policy package.(Or, inappropriate or excessive copying from other authors' work.)

0 points

No work submitted.

Score of Executive Summary for the Policy Briefing Package,

/ 12

Data Breach Response Policy

Excellent

Outstanding

Acceptable

Needs Improvement

Needs Significant Improvement

Missing or Unacceptable

Criterion Score

Policy Introduction

12 points

The Data Breach Response policy contained an excellent introduction which clearly identified the policy issue and then addressed five or more specific characteristics of the company's business, legal & regulatory, and/or enterprise IT environments. The introduction clearly and concisely presented the major reasons why the company must have this policy.

10.2 points

The Data Breach Response policy contained an outstanding introduction which clearly identified the policy issue and addressed three or more specific characteristics of the company's business, legal & regulatory, and/or enterprise IT environments. The introduction addressed the reasons why the company must have this policy.

8.4 points

The introduction for the Data Breach Response policy identified the policy issue and addressed three or more specific characteristics of the company's business, legal & regulatory, and/or enterprise IT environments. The introduction mentioned at least one reason why the company must have this policy.

7.2 points

The introduction to the Data Breach Response policy mentions the case study company and why the policy is required.

4.8 points

The Data Breach Response policy was built from a sample template or list of "recommended" contents without customization for the case study company. (Or, inappropriate or excessive copying from other authors' work.)

0 points

No work submitted.

Score of Policy Introduction,

/ 12

Policy Content

24 points

The body of the policy provided an excellent description of the actions required to create and implement a data breach response plan. The policy identified the responsible parties, compliance requirements, and sanctions / disciplinary actions for compliance failures. Contact information is provided for questions about the policy. The policy was clear, concise, easy to understand, and appropriately organized.

21.6 points

The body of the policy provided an outstanding description of the actions required to create and implement a data breach response plan. The policy identified the responsible parties, compliance requirements, and sanctions / disciplinary actions for compliance failures. Contact information is provided for questions about the policy. The policy was easy to understand, and appropriately organized.

19.2 points

The body of the policy addressed the actions required to create and implement a data breach response plan. The policy identified the responsible parties, compliance requirements, and sanctions / disciplinary actions for compliance failures. Contact information is provided for questions about the policy. 

16.8 points

The body of the policy identified most of the required actions for implementing data breach response and mentioned responsible parties, compliance requirements, and sanctions / disciplinary actions for compliance failures.

12 points

The policy was disorganized and difficult to understand. OR, inappropriate or excessive copying from other authors' work.

0 points

No work submitted.

Score of Policy Content,

/ 24

Shadow IT Policy

Excellent

Outstanding

Acceptable

Needs Improvement

Needs Significant Improvement

Missing or Unacceptable

Criterion Score

Policy Introduction

12 points

The Shadow IT Policy contained an excellent introduction which addressed three or more specific characteristics of the company's business, legal & regulatory, and/or enterprise IT environments and addressed the reasons why employees must comply with this policy. Compliance requirements are addressed and  contact information is provided for questions about the policy.

10.2 points

The Shadow Policy contained an outstanding introduction which addressed two or more specific characteristics of the company's business, legal & regulatory, and/or enterprise IT environments and addressed the reasons why employees must comply with this policy. Compliance requirements are addressed and  contact information is provided for questions about the policy.

8.4 points

The introduction for the Shadow IT Policy was customized for the case study company. One or more specific characteristics of the company's business, legal & regulatory, and/or enterprise IT environments were incorporated into the policy. Compliance requirements were addressed.

7.2 points

The introduction to the Shadow IT Policy mentions the case study company and compliance requirements.

4.8 points

The Shadow IT was built from a sample template or list of "recommended" contents without customization for the case study company. (Or, inappropriate or excessive copying from other authors' work.)

0 points

No work submitted.

Score of Policy Introduction,

/ 12

Policy Content

18 points

The body of the policy provided an excellent description of the required actions, the responsible parties, compliance requirements including audits, and sanctions / disciplinary actions for compliance failures. Contact information is provided for questions about the policy. The policy was clear, concise, easy to understand, and appropriately organized.

16.2 points

The body of the policy provided an outstanding description of the required actions, the responsible parties, compliance requirements including audits, and sanctions / disciplinary actions for compliance failures. Contact information is provided for questions about the policy. The policy was easy to understand and appropriately organized.

14.4 points

The body of the policy provided an acceptable description of the required actions. The policy mentioned at least two of the following: the responsible parties, compliance requirements including audits, and sanctions / disciplinary actions for compliance failures. Contact information is provided for questions about the policy. The policy was easy to understand and appropriately organized.

10.8 points

Organization and appearance need improvement. The Shadow IT policy mentioned compliance requirements for approval to purchase IT hardware, software, and services.

7.2 points

The Shadow IT Policy was disorganized and difficult to understand. OR, the policy was significantly lacking in content. (Or, inappropriate or excessive copying from other authors' work.)

0 points

No work submitted.

Score of Policy Content,

/ 18

Social Media Accounts Policy

Excellent

Outstanding

Acceptable

Needs Improvement

Needs Significant Improvement

Missing or Unacceptable

Criterion Score

Policy Introduction

6 points

The Social Media Accounts policy contained an excellent introduction which addressed five or more specific characteristics of the company's business, legal & regulatory, and/or enterprise IT environments and addressed the reasons why employees must comply with this policy.

4.8 points

The Social Media Accounts policy contained an outstanding introduction which addressed three or more specific characteristics of the company's business, legal & regulatory, and/or enterprise IT environments and addressed the reasons why employees must comply with this policy.

3.6 points

The introduction for the Social Media Accounts policy was customized for the case study company. Three or more specific characteristics of the company's business, legal & regulatory, and/or enterprise IT environments were incorporated into the policy.

2.4 points

The introduction to the Social Media Accounts policy mentions the case study company and why the policy is required.

1.2 points

The policy was built from a template or list of "best practices" with no customization for the case study company. (Or, inappropriate or excessive copying from other authors' work.)

0 points

No work submitted.

Score of Policy Introduction,

/ 6

Policy Content

12 points

The body of the policy provided an excellent description of the required actions, the responsible parties, compliance requirements, and sanctions / disciplinary actions for compliance failures. Contact information is provided for questions about the policy. The policy addressed all required actions listed in the assignment. The policy was clear, concise, easy to understand, and appropriately organized.

10.2 points

The body of the policy provided an outstanding description of the required actions (as listed in the assignment), the responsible parties, compliance requirements, and sanctions / disciplinary actions for compliance failures. Contact information is provided for questions about the policy. The policy was clear,  easy to understand, and appropriately organized.

8.4 points

The body of the policy identified the required actions (as listed in the assignment), the responsible parties, compliance requirements, and sanctions / disciplinary actions for compliance failures. Contact information is provided for questions about the policy.

7.2 points

The body of the policy identified most of the required actions (as listed in the assignment) and mentioned responsible parties, compliance requirements, and sanctions / disciplinary actions for compliance failures.

4.8 points

The policy was disorganized and difficult to understand. (Or, inappropriate or excessive copying from other authors' work.)

0 points

No work submitted.

Score of Policy Content,

/ 12

Professionalism

Excellent

Outstanding

Acceptable

Needs Improvement

Needs Significant Improvement

Missing or Unacceptable

Criterion Score

Addressed security issues using standard terms (e.g. confidentiality, integrity, availability, non-repudiation, authenticity, accountability, auditability, etc.).

6 points

Demonstrated excellence in the use of standard cybersecurity terminology to support discussion of security issues. Appropriately used 5 or more standard terms.

4.8 points

Discussion showed an outstanding understanding and integration of standard cybersecurity terminology to support discussion of security issues. Appropriately used 4 or more standard terms.

3.6 points

Correctly used standard cybersecurity terminology to support discussion of security issues. Appropriately used 3 or more standard terms.

2.4 points

Correctly used standard cybersecurity terminology to support discussion of security issues. Appropriately used 2 or more standard terms.

1.2 points

Attempted to use standard cybersecurity terminology to support discussion of security issues.

0 points

Did not integrate standard cybersecurity terminology into the discussion OR misused or incorrectly defined standard cybersecurity terms.

Score of Addressed security issues using standard terms (e.g. confidentiality, integrity, availability, non-repudiation, authenticity, accountability, auditability, etc.).,

/ 6

Organization & Appearance

6 points

Submitted work shows outstanding organization and the use of color, fonts, titles, headings and sub-headings, etc. is appropriate to the assignment type.

4.8 points

Submitted work has minor style or formatting flaws but still presents a professional appearance. Submitted work is well organized and appropriately uses color, fonts, and section headings (per the assignment’s directions).

3.6 points

Organization and/or appearance of submitted work could be improved through better use of fonts, color, titles, headings, etc. OR Submitted work has multiple style or formatting errors. Professional appearance could be improved.

2.4 points

Submitted work has multiple style or formatting errors. Organization and professional appearance need substantial improvement.

1.2 points

Submitted work meets minimum requirements but has major style and formatting errors. Work is disorganized and needs to be rewritten for readability and professional appearance.

0 points

Submitted work is poorly organized and formatted. Writing and presentation are lacking in professional style and appearance. Work does not reflect college level writing skills. Or, no submission.

Score of Organization & Appearance,

/ 6

Execution

12 points

No word usage, grammar, spelling, or punctuation errors. All quotations (copied text) are properly marked and cited using a professional format (APA format recommended but not required.)

10.2 points

Work contains minor errors in word usage,grammar, spelling or punctuation which do not significantly impact professional appearance. All quotations (copied text) are properly marked and cited using a professional format (APA format recommended but not required.)

8.4 points

Errors in word usage, spelling, grammar, or punctuation which detract from professional appearance of the submitted work. All quotations (copied text) are properly marked and cited using a professional format (APA format recommended but not required.)

7.2 points

Submitted work has numerous errors in word usage, spelling, grammar, or punctuation which detract from readability and professional appearance. Punctuation errors may include failure to properly mark quoted or copied material (an attempt to name original source is required).

4.8 points

Submitted work is difficult to read / understand and has significant errors in formatting, spelling, grammar, punctuation, or word usage.  Significant errors in presentation of copied text (lacks proper punctuation and failed to attribute material to original source).

0 points

No work submitted. OR, work contains significant instances of cut-and-paste without proper citing / attribution to the original work or author.

Score of Execution,

/ 12

Total

Score of Project 2: Manager's Deskbook,

/ 120

Overall Score

Do Not Use This Block

0 points minimum

Submit Assignment

Files to submit

(0) file(s) to submit After uploading, you must click Submit to complete the submission.

Add a FileRecord AudioRecord Video

Comments

Paragraph

Lato (Recommended)

19px (Default)

Bottom of Form

SubmitCancel