Need help with a question.
Due: 9/9/2024
As the CISO of a health care facility you are tasked with using the information from the artifacts developed in the previous weeks, as well as the NewTab Project Profile, to complete the following:
· Evaluate the requirements for a strategic plan.
· Create a strategic plan for the information security program supporting the organization’s business objectives.
· Develop a financial model for the investments needed to support the information security program in alignment with the strategic plan.
Part A: Strategic Plan
Create a 3- to 4-page information security strategic plan that includes the following components:
· Purpose of the strategic plan
· Major components in the information security organization, including the following:
    · Security management
    · Security governance, compliance, and policies
    · Risk management
    · Security operations center (SOC), including SIEM capabilities
· Required information security personnel for each component
· Recommended initiatives for improving the health care organization’s information security posture based on the POA&M from the Wk 2 – Security Assessment Plan assignment, including the following:
    · Mitigation actions
    · Cost for each mitigation
    · Estimated time frame for completion of each initiative
Part B: Financial Model
Create a 3- to 4-page financial plan for the operation of the information security department as defined in Part A. Include the following:
· Description of each cost category along with the total annual operating costs
· Estimated annual operating costs for supporting the information security department based on the information in Part A
Note: A table is recommended for portraying the annual operating budget of the information security organization.
Cite any references according to APA guidelines.