Organizations should consider a risk

-

based approach when implementing a cybersecurity strategy or

program. Identify a critical infrastructure of choice and list three pros and cons to using the

NIST CSF,

NIST RMF, or ISO 27001 Certification. Identify if the organization is a SMB and if it is private or

government

-

based. Which do you believe provides greater protection? Why?

Organizations should consider a risk-based approach when implementing a cybersecurity strategy or

program. Identify a critical infrastructure of choice and list three pros and cons to using the NIST CSF,

NIST RMF, or ISO 27001 Certification. Identify if the organization is a SMB and if it is private or

government-based. Which do you believe provides greater protection? Why?

In this assignment, students will apply all concepts learned throughout the course. Students will clearly

communicate their understanding of what is required to secure an organization's most critical assets.

In a 750

-

to 1000

-

word paper, describe the main components of a 1

-

to 3

-

year strategic plan you would

present to your organization's senior leadership for consideration and implementation. You may choose

to do this for a federal agency or an organization f

rom the private sector. Make sure to address the

following:

1.

Name five critical policies you feel the organization should have and why they are important

2.

Name five critical risks most organizations face and how they can be

addressed

3.

What framework or certification process would you recommend the organization implement

and why?

4.

Indicate time, resources, and technology that may be required as part of the implementation

process

Make sure to reference academic or NIST official

publications (most current year available via the

Internet) or other relevant sources published within the last 5 years.

Prepare this assignment according to the guidelines found in the APA Style Guide,

You are required to submit this assignment to

turnitin

In this assignment, students will apply all concepts learned throughout the course. Students will clearly

communicate their understanding of what is required to secure an organization's most critical assets.

In a 750- to 1000-word paper, describe the main components of a 1- to 3-year strategic plan you would

present to your organization's senior leadership for consideration and implementation. You may choose

to do this for a federal agency or an organization from the private sector. Make sure to address the

following:

1. Name five critical policies you feel the organization should have and why they are important

2. Name five critical risks most organizations face and how they can be addressed

3. What framework or certification process would you recommend the organization implement

and why?

4. Indicate time, resources, and technology that may be required as part of the implementation

process

Make sure to reference academic or NIST official publications (most current year available via the

Internet) or other relevant sources published within the last 5 years.

Prepare this assignment according to the guidelines found in the APA Style Guide,

You are required to submit this assignment to turnitin