Levels Tought:
Elementary,Middle School,High School,College,University,PHD
Teaching Since: | Apr 2017 |
Last Sign in: | 5 Weeks Ago, 3 Days Ago |
Questions Answered: | 4870 |
Tutorials Posted: | 4863 |
MBA IT, Mater in Science and Technology
Devry
Jul-1996 - Jul-2000
Professor
Devry University
Mar-2010 - Oct-2016
Needs Improvement
Needs Significant Improvement
Missing or Unacceptable
Introduction or Overview for the Case Study
20 points
Provided an excellent overview of disaster recovery / IT service continuity. The overview appropriately used information from 3 or more authoritative sources.
18 points
Provided an outstanding overview of disaster recovery / IT service continuity. The overview appropriately used information from 2 or more authoritative sources.
16 points
Provided an overview of disaster recovery / IT service continuity. The overview appropriately used information from 2 or more authoritative sources.
14 points
Provided an overview but the section lacked important details about disaster recovery and/or IT service continuity. Information from authoritative sources was cited and used in the overview.
10 points
Attempted to provide an introduction to the case study but this section lacked detail and/or was not well supported by information drawn from authoritative sources.
0 points
The introduction and/or overview sections of the paper were off topic.
Identified and Explained the Reasons Why Cybersecurity Should be Addressed in DR/BCP Strategies & Plans
20 points
Provided an excellent discussion which included 5 or more reasons why cybersecurity should be specifically addressed in the company’s DR/BCP strategies and plans. Appropriately used information from 3 or more authoritative sources.
18 points
Provided an outstanding discussion of 4 or more reasons why cybersecurity should be specifically addressed in the company’s DR/BCP strategies and plans. Appropriately used information from authoritative sources.
16 points
Provided a discussion of 3 or more reasons why cybersecurity should be addressed in the company’s DR/BCP strategies and plans. Appropriately used information from authoritative sources.
14 points
Provided a discussion which included at least 2 reasons why cybersecurity should be addressed in the company’s DR/BCP strategies and plans. Appropriately used information from authoritative sources.
10 points
Provided a discussion of cybersecurity in the context of DR/BCP decision making. The discussion lacked detail and/or was not well supported by information drawn from authoritative sources.
0 points
This section was missing, off topic, or failed to provide information about cybersecurity considerations for DR/BCP decisions.
CISO Roles & Responsibilities for DR/BCP Planning
10 points
Provided an excellent discussion of the CISO & CISO staff roles, responsibilities, and best practices for integrating cybersecurity into DR/BCP planning. Appropriately used information from 3 or more authoritative sources.
8.5 points
Provided an outstanding discussion of CISO & CISO staff roles, responsibilities, and best practices for integrating cybersecurity into DR/BCP planning. Appropriately used information from 3 or more authoritative sources.
7 points
Provided a discussion of CISO & CISO staff roles, responsibilities, and best practices for integrating cybersecurity into DR/BCP planning. Appropriately used information from authoritative sources.
6 points
Discussion provided some information about CISO & CISO staff best practices, roles, and responsibilities for DR/BCP planning. Mentioned information obtained from authoritative sources.
4 points
Discussion provided some information about CISO & CISO staff best practices, roles, and responsibilities for DR/BCP planning but the lacked detail and/or was not well supported by information from authoritative sources.
0 points
Did not address roles & responsibilities of the CISO & CISO staff for DR/BCP planning.
CISO Roles & Responsibilities for DR/BCP Implementation
10 points
Provided an excellent discussion of CISO roles, responsibilities, and best practices for integrating cybersecurity into DR/BCP implementation (i.e. acquistion & contracting). Appropriately used information from 3 or more authoritative sources.
8.5 points
Provided an outstanding discussion of CISO roles, responsibilities, and best practices for integrating cybersecurity into DR/BCP implementation (i.e. acquistion & contracting). Appropriately used information from 3 or more authoritative sources.
7 points
Provided a discussion of CISO roles, responsibilities, and best practices for integrating cybersecurity into DR/BCP implementation (i.e. acquistion & contracting). Appropriately used information from authoritative sources.
6 points
Discussion provided some information about CISO best practices, roles, and responsibilities for DR/BCP implementation. Mentioned information obtained from authoritative sources.
4 points
Discussion provided some information about CISO best practices, roles, and responsibilities for DR/BCP implementation but the lacked detail and/or was not well supported by information from authoritative sources.
0 points
Did not address roles & responsibilities of the CISO for DR/BCP implementation.
CISO Roles & Responsibilities for DR/BCP Execution
10 points
Provided an excellent discussion of CISO roles, responsibilities, and best practices for integrating cybersecurity into DR/BCP execution (i.e. activating and overseeing recovery operations). Appropriately used information from 3 or more authoritative sources.
8.5 points
Provided an outstanding discussion of CISO roles, responsibilities, and best practices for integrating cybersecurity into DR/BCP execution (i.e. activating and overseeing recovery operations). Appropriately used information from 3 or more authoritative sources.
7 points
Provided a discussion of CISO roles, responsibilities, and best practices for integrating cybersecurity into DR/BCP execution (i.e. activating and overseeing recovery operations). Appropriately used information from authoritative sources.
6 points
Discussion provided some information about CISO best practices, roles, and responsibilities for DR/BCP execution. Mentioned information obtained from authoritative sources.
4 points
Discussion provided some information about CISO best practices, roles, and responsibilities for DR/BCP execution but the lacked detail and/or was not well supported by information from authoritative sources.
0 points
Did not address roles & responsibilities of the CISO for DR/BCP execution.
Addressed security issues using standard cybersecurity terminology
5 points
Demonstrated excellence in the integration of standard cybersecurity terminology into the case study.
4 points
Provided an outstanding integration of standard cybersecurity terminology into the case study.
3 points
Integrated standard cybersecurity terminology into the into the case study
2 points
Used standard cybersecurity terminology but this usage was not well integrated with the discussion.
1 point
Misused standard cybersecurity terminology.
0 points
Did not integrate standard cybersecurity terminology into the discussion.
APA Formatting for Citations and Reference List
5 points
Work contains a reference list containing entries for all cited resources. Reference list entries and in-text citations are correctly formatted using the appropriate APA style for each type of resource.
4 points
Work contains a reference list containing entries for all cited resources. One or two minor errors in APA format for in-text citations and/or reference list entries.
3 points
Work contains a reference list containing entries for all cited resources. No more than 3 minor errors in APA format for in-text citations and/or reference list entries.
2 points
Work has no more than three paragraphs with omissions of citations crediting sources for facts and information. Work contains a reference list containing entries for cited resources. Work contains no more than 5 minor errors in APA format for in-text citations and/or reference list entries.
1 point
Work attempts to credit sources but demonstrates a fundamental failure to understand and apply the APA formatting standard as defined in the Publication Manual of the American Psychological Association (6th ed.).
0 points
Reference list is missing. Work demonstrates an overall failure to incorporate and/or credit authoritative sources for information used in the paper.
Professionalism Part I: Organization & Appearance
5 points
Submitted work shows outstanding organization and the use of color, fonts, titles, headings and sub-headings, etc. is appropriate to the assignment type.
4 points
Submitted work has minor style or formatting flaws but still presents a professional appearance. Submitted work is well organized and appropriately uses color, fonts, and section headings (per the assignment’s directions).
3 points
Organization and/or appearance of submitted work could be improved through better use of fonts, color, titles, headings, etc. OR Submitted work has multiple style or formatting errors. Professional appearance could be improved.
2 points
Submitted work has multiple style or formatting errors. Organization and professional appearance need substantial improvement.
1 point
Submitted work meets minimum requirements but has major style and formatting errors. Work is disorganized and needs to be rewritten for readability and professional appearance.
0 points
No work submitted.
Professionalism Part II: Execution
15 points
No formatting, grammar, spelling, or punctuation errors.
14 points
Work contains minor errors in formatting, grammar, spelling or punctuation which do not significantly impact professional appearance.
13 points
Errors in formatting, spelling, grammar, or punctuation which detract from professional appearance of the submitted work.
11 points
Submitted work has numerous errors in formatting, spelling, grammar, or punctuation. Work is unprofessional in appearance.
4 points
Submitted work is difficult to read / understand and has significant errors in formatting, spelling, grammar, punctuation, or word usage.
0 points
No work submitted.
Overall ScoreExcellent
90 or more
Outstanding
80 or more
Acceptable
70 or more
Needs Improvement
56 or more
Needs Significant Improvement
36 or more
Missing or Unacceptable
0 or more
Rubric Name: Case Study #2 Rubric
Please
CSIA 350: Cybersecurity in Business & Industry
Case Study #2: Integrating Disaster Recovery / IT Service Continuity with Information
Technology Governance Frameworks
Case Scenario:
You have been assigned to a large, cross-functional team which is investigating adopting a new
governance framework for your company’s Information Technology governance program. Your first
assignment as a member of this team is to research and write a 2 to 3 page white paper which discusses
one of the Chief Information Security Officer (CISO) functional areas. The purpose of this white paper is
to “fill in the gaps” for team members from other areas of the company who are not familiar with the
functions and responsibilities of the Office of the Chief Information Security Officer.
Your assigned CISO functional area is: Disaster Recovery / IT Service Continuity (IT Service
Continuity is a subset of Business Continuity). Your white paper must address the planning,
implementation, and execution aspects of this CISO functional area. Your audience will be familiar with
the general requirements for business continuity planning (BCP), business impact analysis (BIA), and
continuity/recovery strategies for business operations (e.g. restore in place, alternate worksite, etc.).
Your readers will NOT have in-depth knowledge of the requirements / implementation strategies which
are specific to restoring IT services which support the critical functions of the business (as identified in a
BIA).
Note: in your Critical Analyses and Discussion for this case study you will address specific aspects
of a governance framework, e.g. COBIT®, ITIL®, or ISO/IEC 27002, which apply to planning and
implementation of disaster recovery / IT Service Continuity.
Research:
1. Read / Review the Week 3 readings:
2. Find three or more additional sources which provide information about best practices for IT Service
Continuity / Disaster Recovery planning, implementation, and execution. (Hint: begin by exploring
http://www.ready.gov/business ) For the purposes of this assignment, implementation means the
advance work necessary to implement recovery plans by acquiring or contracting for products,
services, infrastructures, and facilities. Execution means activating the DR/BCP plans and overseeing
the recovery operations.
Write:
Using standard terminology (see case study #1), write a two to three page summary of your
research. At a minimum, your summary must include the following:
1. An introduction or overview of disaster recovery / IT Service Continuity which provides definitions
and addresses the reasons why cybersecurity should be specifically addressed in the company’s
DR/BCP strategies and plans. This introduction should be suitable for an executive audience. Copyright ©2015 by University of Maryland University College. All Rights Reserved CSIA 350: Cybersecurity in Business & Industry
2. A separate section which addresses disaster recovery / IT Service Continuity planning functions
performed by staff members in the Office of the CISO.
3. A separate section which addresses best practices for implementing disaster recovery / IT Service
Continuity.
Submit For Grading & Discussion
Submit your case study in MS Word format (.docx or .doc file) using the Case Study #2 Assignment in
your assignment folder. (Attach the file.)
Formatting Instructions
1. Use standard APA formatting for the MS Word document that you submit to your assignment folder.
Formatting requirements and examples are found under Course Resources > APA Resources.
Additional Information
1. You are expected to write grammatically correct English in every assignment that you submit for
grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying
that your punctuation is correct and (d) reviewing your work for correct word usage and correctly
structured sentences and paragraphs. These items are graded under Professionalism and constitute
20% of the assignment grade.
2. You are expected to credit your sources using in-text citations and reference list entries. Both your
citations and your reference list entries must comply with APA 6th edition Style requirements. Failure
to credit your sources will result in penalties as provided for under the university’s Academic
Integrity policy. Copyright ©2015 by University of Maryland University College. All Rights Reserved
-----------