Red Clay Renovations (RCR), programming homework help


Response needed:

Red Clay Renovations (RCR) has two field offices located in downtown Baltimore and suburban Philadelphia with each office. The CISO has declared that the System Security Plans (SSPs) for the field offices are obsolete and serve no purpose for the current security control state of the company. The field offices can't continue to operate without an SSP in place. It is essential for each field office to have a separate SSP because each field office operates and maintains its own IT infrastructure. By having separate SSPs, RCR will have a broader overview of its assets in each field office and recognize the need for security system and control requirements.

RCR processes credit card data and is sometimes involved in the handling of patient health information (PHI), and it maintains employees' and customers' PII. The SSP will help maintain the minimum set of security controls to protect sensitive information and the network systems. Because each field office operates and maintains its own IT infrastructure, the Chief Information Officer should have designated a senior agency information security officer (SAISO) at each field office to be responsible for the SSP. The SAISO at a minimum should:

  • Develop and maintain information security policies, procedures, and control techniques to address system security planning.
  • Manage the identification, implementation, and assessment of common security controls.
  • Ensure that personnel with significant responsibilities for system security plans are trained.
  • Assist senior agency officials with their responsibilities for system security plans.
  • Identify and coordinate common security controls for the agency (Swanson, Hash et al., 2006).

Another reason why a separate SSP is viable is that RCR must follow the local rules and regulations of the state in which it is working. Each field office needs to abide by the building codes for the states of MD and PA. Moreover, each field office handles PHI, PII and sensitive data. The separate SSPs will help RCR headquarters pinpoint which field office is in good standing with HIPAA privacy and security compliance, PCI DSS compliance, the Privacy Act and the Gramm-Leach-Bliley Act (FCC, 2014).

Each field office is unique; therefore, the security level might be different. The SSP needs to reflect the latest guidelines of NIST SP 800-18 Rev 1, NIST SP 800-53, NIST SP 800-100, and FIPS 199 and 200. RCR shall implement its SSP using the family controls table below, which contains eighteen security controls. These security controls may highlight aspects of policy, oversight, supervision, manual processes, actions by individuals, or automated mechanisms implemented by information systems/devices (NIST, 2013).
