Unit 6 Assignment Dropbox
This assignment will be submitted to Turnitin™.

Rubric Name: IT591 Unit 6 Assignment Rubric

Criterion 1: Team – cross-industrial comparison
Criteria:
- Selects two different types of organizations and describes them in moderate detail.
- Identifies and lists the types of information that these two businesses use, process, or store that must be protected by one of the regulatory requirements previously discussed in this course.
- Identifies the risk exposure for each of these two organizations and compares and contrasts these risks.
- Lists the risks (of the information being lost, corrupted, stolen, etc.) by different methods.
- Identifies the impact of not adequately protecting this information (consequences and costs).
- Identifies the compliance frameworks that would apply to these organizations based upon their information needs and applicable rules, regulations, and standards (e.g., ISO, COBIT, HIPAA, PCI, SOX, etc.).
- Lists the requirements or standards that apply to the two organizations based on their businesses and the information that they use or process.
Levels:
- Level III (54 points maximum): Meets all criteria.
- Level II (45.9 points maximum): Meets three criteria.
- Level I (37.8 points maximum): Meets two criteria.
- Not Present (0 points): Does not meet any criteria.

Criterion 2: Team – Controls and Safeguards
Criteria:
- Identifies and lists the types of controls that would be the most important to implement to safeguard this information to comply with regulations and to minimize risk to the organizations.
- Summarizes the internal controls that would need to be established to achieve these compliance goals (including physical, administrative, technological, and auditing controls that would have to be in place).
- Summarizes how the differences in business requirements, information needs, and regulatory environment affect business priorities, operations, and structure.
- Closes the paper with a conclusion, summary of lessons learned, and/or personal observations or opinions of the team.
Levels:
- Level III (47.25 points maximum): Meets all criteria.
- Level II (40.16 points maximum): Meets three criteria.
- Level I (33 points maximum): Meets two criteria.
- Not Present (0 points): Does not meet any criteria.

Criterion 3: Conflict Management Skills Evaluation
Criteria:
- Discusses the types of inter-departmental conflicts that might arise during the risk assessment process.
- Summarizes five conflict management skills, based on cited research.
- Discusses which of these conflict resolution skills might be required to successfully implement effective security for one of the industries discussed in Part 1 of the assignment.
Levels:
- Level III (13.5 points maximum): Meets all criteria.
- Level II (11.48 points maximum): Meets two criteria.
- Level I (9.45 points maximum): Meets one criterion.
- Not Present (0 points): Does not meet any criteria.

Criterion 4: Team Peer Evaluation
Levels:
- Level III (6.75 points maximum): Submits a fully completed peer evaluation form. Receives an average rating of 12–15.
- Level II (5.73 points maximum): Submits a fully completed peer evaluation form. Receives an average rating of 9–11.
- Level I (4.8 points maximum): Submits a fully completed peer evaluation form. Receives an average rating of 8 or less.
- Not Present (0 points): Does not meet any criteria.

Criterion 5: APA Style and Writing Conventions
Criteria:
- Applies current APA style to in-text citations and references, and document formatting if appropriate, with minor to no errors.
- Writing is focused, concise, and organized and articulates at a college level, with minor to no errors.
- Uses resources from reliable and/or scholarly sources.
Levels:
- Level III (13.5 points maximum): Meets all criteria.
- Level II (11.48 points maximum): Meets two criteria.
- Level I (9.45 points maximum): Meets one criterion.
- Not Present (0 points): Does not meet any criteria.

Total score of IT591 Unit 6 Assignment Rubric: 135 points
Overall Score:
- Level III: 114.76 points minimum
- Level II: 94.51 points minimum
- Level I: 1 point minimum
- Not Present: 0 points minimum

Rubric Name: IT591_2208E_-4

Criterion: IT591_2208E_-4: Analyze technical scenario elements for industry standards, compliance regulations, and laws to determine strategy.
Levels:
- Mastery (5 points): Student work indicates the ability to analyze technical scenario elements for industry standards, compliance regulations, and laws to determine strategy and use the knowledge gained to complete the entire assignment successfully.
- Proficient (4 points): Student work indicates the ability to analyze technical scenario elements for industry standards, compliance regulations, and laws to determine strategy and use the knowledge gained to complete most of the assignment successfully.
- Practiced (3 points): Student work indicates the ability to analyze technical scenario elements for industry standards, compliance regulations, and laws to determine strategy and use the knowledge gained to complete more than half of the assignment successfully.
- Emergent (2 points): Student work indicates some ability to analyze technical scenario elements for industry standards, compliance regulations, and laws to determine strategy and use the knowledge gained to successfully complete some but less than half of the assignment.
- Introductory (1 point): Student work indicates little ability to analyze technical scenario elements for industry standards, compliance regulations, and laws to determine strategy.
- No Progress (0 points): Student work demonstrates no understanding or progress towards achievement of this outcome.

Total score of IT591_2208E_-4: 5 points
Overall Score:
- 5: Mastery, 4.5 points minimum
- 4: Proficient, 3.5 points minimum
- 3: Practiced, 2.5 points minimum
- 2: Emergent, 1.5 points minimum
- 1: Introductory, 0.5 points minimum
- 0: No Progress, 0 points minimum
Associated Learning Outcomes: IT591_2208E_-4
Assessment Method: Overall Rubric Score
Required Performance: 0: No Progress

Rubric Name: PC-1.3

Criterion: Apply conflict management skills to resolve issues and/or build team alliances.
Levels:
- Mastery (5 points): Team member fully engages in cooperative strategies in a team environment, which can include cooperation, negotiation and compromise, resulting in issue resolution and/or building team alliances.
- Proficient (4 points): Team member employs cooperative strategies to address conflict in a team environment, which can include cooperation, negotiation, and compromise, but the issue is not fully resolved.
- Practiced (3 points): Team member attempts to employ cooperative strategies to address conflict in a team environment, which can include cooperation, negotiation, and compromise, but is not able to apply his or her knowledge to the situation at hand.
- Emergent (2 points): Team member can name and describe cooperative strategies in a team environment, which can include cooperation, negotiation and compromise, but doesn’t employ conflict management skills.
- Introductory (1 point): Team member generally recognizes cooperative strategies in a team environment, which can include cooperation, negotiation and compromise, but doesn’t employ conflict management skills.
- No Progress (0 points): Team member demonstrates little, if any, understanding or progress toward achievement of this outcome.

Total score of PC-1.3: 5 points
Overall Score:
- 5: Mastery, 4.5 points minimum
- 4: Proficient, 3.5 points minimum
- 3: Practiced, 2.5 points minimum
- 2: Emergent, 1.5 points minimum
- 1: Introductory, 0.5 points minimum
- 0: No Progress, 0 points minimum
Associated Learning Outcomes: PC-1.3
Assessment Method: Overall Rubric Score
Required Performance: 0: No Progress

READING AND RESOURCES

This week’s readings are ideal for risk managers, information security managers, lead implementers, compliance managers, and consultants. The reading also provides useful background material for auditors. You will learn how to develop an ISO 27001-compliant risk assessment framework for an organization and deliver real, bottom-line business benefits.

You can access the texts below by navigating to More Tools, selecting Library, then choosing Required Readings.

Read the following article:
- “Systems for Conflict Resolution in Comparative Perspective”
  Systems for conflict resolution in comparative perspective (2020, March). ILR Review, 73(2), 312–344.

Read the following chapters:
- Information Security Risk Management for ISO 27001/ISO 27002, 3rd ed.
  Chapters 1–3
- IT Governance Publishing, 3rd ed.
  Chapter 7: “The ISO 27001 Risk Assessment”

ASSIGNMENT DETAILS

Unit 6 Assignment: Team Assignment

Outcomes addressed in this activity:

Unit Outcomes:
- Compare and contrast audit process and compliance requirements across industries.
- Evaluate how different audit processes and compliance requirements.
- Analyze how an audit process impacts risk for an organization.

Course Outcomes:
- IT591-4: Analyze technical scenario elements for industry standards, compliance regulations, and laws to determine strategy.
- PC-1.3: Apply conflict management skills to resolve issues and/or build team alliances.

Purpose

This assignment has two purposes. First, you are provided an opportunity to work in a team to complete an assignment and to evaluate team member performance, including the team’s ability to resolve conflict. Many projects in the real world are conducted on teams and this provides a good real-world experience in understanding how teams function.

Secondly, you will have an opportunity to compare and contrast organizations in two different domains and evaluate the organization in terms of the information they collect, process, and store and to evaluate the organizations’ risk, audit/regulation requirements within each domain, and necessary security controls. This leaves you with a well-rounded view of the organizational impact of regulation across domains. You will also analyze areas related to risk analysis, standard compliance, and control implementation where conflict resolution may be necessary.

Assignment Instructions

Your instructor will have set up teams during Unit 5 and will have posted those teams to Announcements.
To complete this assignment, you are expected to attend team meetings, complete your individual part of the team Assignments, and contribute to the integration of those Assignments into a cohesive team submission.

Team Tools:
Your team has access to the full suite of Google® Tools through your student accounts, so you may want to use Google Docs for editing and sharing your work in progress.

Part 1 – The Team Project

Pick two organizations (they can be real or hypothetical in nature). Make sure they are different types of organizations (like those listed below).
- Municipality
- Educational institution (e.g., university, community college, high school, etc.)
- Police station
- Retail store
- Government research
- Hospital
- Utility
- Bank
- Manufacturing facility
- Convention center
- Airline
- Military installation

- Describe the organizations in moderate detail.
- Identify the types of information that these two businesses use, process, or store that must be protected by one of the regulatory requirements previously discussed in this course.
- List the types of information and how the info is collected, used, processed, or stored.
- Identify the risk exposure for each of these two organizations. Compare and contrast these risks.
- List the risks (of the information being lost, corrupted, stolen, etc.) by different methods.
- Identify the impact of not adequately protecting this information (consequences and costs).
- Identify the compliance frameworks that would apply to these organizations based upon their information needs and applicable rules, regulations, and standards (e.g., ISO, COBIT, HIPAA, PCI, SOX, etc.).
- List the requirements or standards that apply to the two organizations based on their businesses and the information that they use or process.
- Identify and list the types of controls that would be the most important to implement to safeguard this information to comply with regulations and to minimize risk to the organizations.
- Summarize the internal controls that would need to be established to achieve these compliance goals (including physical, administrative, technological, and auditing controls that would have to be in place).
- Summarize how the differences in business requirements, information needs, and regulatory environment affect business priorities, operations, and structure.
- Close the paper with a conclusion, summary of lessons learned, and/or personal observations or opinions of the team.

Part 2 – Conflict Management Skills Evaluation

Consider the process of identifying risks, identifying relevant standards, and identifying and implementing security controls (both process and technology). In addition to identifying risks, standards, and controls, there is also a people element, and often there is tension between business needs and processes and security controls. Discuss the types of inter-departmental conflicts that might arise during this process. Using the library resources and the Internet, find and summarize five conflict management skills. Be certain to cite your sources.
Focus on one of the industries discussed in Part 1, and discuss which of these conflict resolution skills might be required to successfully implement effective security for an organization.

Part 3 – Team Peer Evaluation

After completing the team assignment, you will rate your team members’ performance during this team assignment and consider conflict management styles. This part of the assignment is completed individually. You will assess your team members, and they will assess you using the Team Peer Evaluation form. The professor will not share your peer evaluation feedback with others; however, you may choose to ask teammates to share their perceptions with you so you can improve your team contribution.

The points assigned for individual team participation are at the discretion of faculty, with the Team Peer Evaluation as one source of information. Refer to the grading rubric for a list of all graded items.

In general, the following provides a guide for team participation:
- 12–15 rating sum = 90 to 100% of team participation points awarded
- 9–11 rating sum = 80 to 89% of team participation points awarded
- 6–8 rating sum = 70 to 79% of team participation points awarded
- 3–5 rating sum = Below 70% of team participation points awarded

Assignment Requirements

- Include all 3 parts of this assignment in a single document, labeled Part 1, Part 2, and Part 3.
- 8–10 pages of content (exclusive of cover sheet and references page), using Times New Roman font style, 12 point, double-spaced, using correct APA formatting, and including a cover sheet, table of contents, abstract, and reference page(s)
- At least 1 credible source cited and referenced
- No spelling errors
- No grammar errors
- No APA errors

For more information on APA formatting and citation style, refer to the resources in the Academic Tools area of this course. Also review the university policy on plagiarism. If you have any questions, please contact your professor.

Directions for Submitting Your Assignment

Name your assignment document according to this convention: TeamName_IT591_Unit6. Submit your completed assignment to the Unit 6 Dropbox by the deadline.

Review the rubric before beginning this activity.