Part I – Answer the module review questions listed below. These questions were chosen to demonstrate your understanding and help you assess your progress.
- What is a project plan? List what a project plan can accomplish. What is the value of a statement of vision and objectives? Why is it needed before a project plan is developed?
- Describe and explain each of the five categories of constraints to project plan implementation.
- List and describe the four basic conversion strategies (as described in the chapter) that are used when converting to a new system. Under which circumstances is each of these the best approach?
- List and describe the options available for the location of the information security functions within the organization. Discuss the advantages and disadvantages of each option.
- For each of the major types of information security job titles covered in the module, list and describe the criteria used for selection.
Part II – Search the web for job descriptions of project managers. You can use any number of websites including www.monster.com or www.dice.com to find at least ten IT-related job descriptions. What common elements do you find among the job descriptions? What is the most unusual characteristic among the job descriptions?
Go to the (ISC)2 website at www.isc2.org. Research the knowledge areas included in the tests for both the CISSP and the SSCP. What are the requirements to become CISSP or SSCP certified?
Part III – Explain the need for the separation of duties and describe the special requirements needed to ensure the privacy of personnel data and identity management. Provide examples.
Part IV – In this module, you will complete your Security Implementation Plan and Compile all components from previous modules to create your completed Information Security Plan.
Using the airport case we have established in module three, using what you have learned in this module, and using the Web for examples of Security Implementation Plans, create a Security Implementation plan applicable to your airport project. You may use the Implementation Plan Template 1 (.docx) and Template 2 (.docx) as a guide or modify them as applicable to write your Security Implementation Plan.
Part V – Answer the module review questions listed below. These questions were chosen to demonstrate your understanding and help you assess your progress.
- List and define the factors that are likely to shift in an organization’s information security environment.
- What is a management model? What does it accomplish?
- List and briefly describe the five domains of the maintenance model.
- What is digital forensics and when is it used in a business setting?
- What is vulnerability assessment? What is penetration testing? What is the difference between configuration management and change management?
Part VI – Draft a tentative risk assessment of one area of your university or your workplace. Outline the critical faults found.
Part VII – In information security, penetration testing may be wrongly perceived as being a “hacker-like” activity. In addition, many of the activities of information security analysts seem to be an invasion of privacy. Discuss how employers can justify such activities and the use of tools such as Encase by Guidance Software.
Part VIII – Answer the Module Review Questions listed below. These questions were chosen to demonstrate your understanding and help you assess your progress.
- Identify and describe some of the factors that should be considered in make or buy or outsourcing decisions?
- Why is it important to develop a risk management plan? What is included?
- Describe key types of contract structures and explain how they can impact vendor performance.
- Describe some of the methods/tools that can be used to facilitate implementation of the system engineering process?
Part IX – Select a system of your choice, create an RFP (data package and accompanying letter for bid).
Part X – How can political, social/societal, cultural, and economic factors influence the supplier selection process? Provide examples.
Part XI – Submit your group project work for Module 8 – Requirements Allocation, System Synthesis, Analysis and Design Optimization, and System Test and Evaluation:
- Functional Packaging and Partitioning
- Allocation of System Level Requirements to Subsystem Level and below
- System Synthesis, Analysis and Design Optimization
- System Test and Evaluation
***** My portion is #1 Functional Packaging and Partioning**
Your document should be 7-10 pages, follow APA format, and should use the bullets included under each header as sections. The document should carry enough details about the proposed system.
Part XII – Answer the Module Review Questions listed below. These questions were chosen to demonstrate your understanding and help you assess your progress.
- Identify three to four types of organizational structures. Briefly describe each, and discuss some of the advantages and disadvantages of each, which type is the preferred structure from a system engineering perspective?
- Describe some of the challenges associated with the management of supplier organization and related activities.
- What is meant by theory X and theory Y, which is preferred from a system engineering perspective?
- Why is system engineering evaluation and feedback important? Describe some of the benefits that could be gained from this process.
Part XIII – Refer to Figure 6.33 and Appendix E. Develop a supplier checklist for the purpose of evaluation (prepare the checklist in the format shown in Figure 6.33 and provide a breakout of the factors for each item in your checklist as illustrated in Appendix E).
Part XIV – You are planning to hire a new system engineering department manager. What leadership characteristics would you identify as being critical, and why (identify in order of importance).