Description
Need a security services directory. Must build the directory based off what the case company needs will be. I am attaching a NIST document that spells out examples of various security services (GRC, IAM, DFIR, etc).
Instructions are:
Prepared using APA style.
Prepared using the template that has been provided in the following pages of this document following all embedded instructions.
Uses the proper language and construction to communicate to an executive-level audience that for which this report is prepared.
Just as you are expected to do for all business communications, you must prepare a cover memorandum that serves to convey this report and serves as a very high-level executive summary of your findings.
Report Structure:
• Includes a complete plan of precisely how you would work within the case company to create a directory of security services. Your plan must include:
o the information that will be provided for each service in your directory,
o how will you identifying the services to be listed as rows on your planned directory,
o how will you collect the needed information for the services you have identified, and
o how will you validated the plan you have created here with your business-unit partners
o The purpose of a directory is to identify what is performed, how much or how often it is performed, what the costs (and perhaps revenues) are for the activity, and a business-based justification for the activity.
• Prepare a security services table making the assumptions necessary as if the plan you have developed were executed completely. The table will:
o Include a row for each identified planned service for the case company
o Complete or estimated values for each column of each row
o Provide placeholder values for the columns of information for every one of the services you identify using the method of describing less critical information by placing it in angle brackets “<>” if the information cannot be readily determined with the time and resources available.
• Prepare a complete deployment project plan for security service development in the case company with:
o appropriate project stages needed to build out the services identified in the table you have prepared,
o a timeline showing the relative sequencing of the stages showing expected durations and identifying precursors
o For each stage:
identify which services will be included in the stage
enumerate estimates for the resources will be required to complete the service development to include capital expense, labor inputs (number of hours and expected level of individual resources), and other expenses such as subscriptions and operating costs.
Page count:
Cover = 1 page
Exec Summ = 1 page max
Prob Stmt = 1 or 2 paragraphs
Scope = 1 or 2 paragraphs
Plan = 1 to 3 pages depending on your level of detail
Table = 3 to 5 landscape pages
Project Plan = 1 to 3 pages depending on your level of detail
Discussion = 1 or 2 paragraphs
Conclusion = 1 or 2 paragraphs