Implementation: Describe your plan for implementing the program. You have identified 3 distinct activities. For each section of the plan, discuss what should happen to roll that area out, what the subtasks are, what deliverables should be created, and what success will look like.
Operations and Monitoring: Select 10 possible areas to monitor. You may select from the following suggestions, or use your own:
Security incidents (per week/month/year)Viruses detectedAdministrator violationsSpam not detectedIntrusion attemptsIntrusion successesInvalid log-in attemptsNumber of projects that have information technology (IT) security involvementPolicy exceptions granted and rejectedCurrent deployment of antivirus softwareAlarms and network intrusion attemptsNumber and impact of security incidentsVolumes of IDs created, deleted, or modifiedAny access keys created or deleted
Explain why you would want to monitor the areas you have chosen. Indicate both the values you would hope to see and the actions you would take if what you saw was not in alignment with that optimal range. Create a table with the following columns:
Monitoring itemWhy it must be monitoredOptimal rangeActions to take if it is not in range