Posted: June 9th, 2022

CSIA 485: Practical Applications in Cybersecurity Management

Implementation Plan

CSIA 485: Practical Applications in Cybersecurity Management
University of Maryland University College

Introduction
The security of any information is important in ensuring that data does not fall into the hands of the wrong people. Lack of proper security features at Bank Solutions, Inc. has contributed towards the unsafe situation in their operations. Information security is important as it makes it possible for information to be accessed by the authorized individuals, enhancement of confidentiality and also integrity in the accessing, storage, and the transfer of the information related to individuals and organizations (Mäkelä, 2015). Many organizations come up with complicated systems to enable them to secure the data and information within their systems, from both internal and externals attacks. However, the main challenge has remained to be the implementations of the set and proposed systems and measures of ensuring that data is secure. This leaves the information vulnerable to attacks and even destruction, by both internal and external sources (Pesante, 2008). In this analysis, the main focus shall be the development of an implementation plan, for the challenges facing Bank Solutions, Inc. Included are also the strategies that should be made towards the enhancement of security for the information. Some of the recommended strategies include the through the development of the System Development Life Cycle (SDLC) and the gates or the decision points and describing the implementation solution to incorporate, people, processes, and technology to this plan.
Goals and Objectives
A number of goals and objectives have been set for this study. The objectives of this study are grouped into two categories: The business goals and objectives, and the project goals and objectives. They all aim at serving the success of this project and its implementation plan.
Business Goals and Objectives
There are various business goals which this study would aim at achieving, and which are important for the enhancement and the development of any business entities. The business goals and objectives include:
a) To establish a more secure security system
b) To improve the Disaster Recovery Business Continuity Plan (DRBCP) by ensuring that it is fully updated.
c) To include all stakeholders to enhance effectiveness and efficiency in the Disaster Recovery Business Continuity Plan (DRBCP) implementation plan.
d) To develop an effective plan which will help in the creation of a backup system which will ensure there is sufficiency in the general development of the Disaster Recovery Business Continuity Plan (DRBCP).
Project Goals and Objectives
The project’s goals and objectives of this study are created towards the enhancement of a better system in which better results would be achieved. The project goals and objectives include:
a) To develop a more efficient network based on the system development life cycle (SDLC) and the gates or the decision points.
b) To describe the implementation solution, its relationship to the CIA, incorporation, people, processes, and technology for the implementation of the plan and strategy.
Scope
The study will focus on the analysis of the security issues facing Banks Solutions Inc. A comprehensive analysis of the problems will be provided. Technologically based solutions for these challenges will also be provided. Included in the project will also be the estimated project expenses and the System Development Life Cycle (SDLC).
Scope Definition
The study covers a number of issues affecting operations at Banks Solutions Inc. Solutions are also explained in relation to the implementation of the security plan and the proposed security measures. The study will first provide details on the implementation of a high-level plan in the development of the required control changes which have been set for the security systems. The project will also analyze the vulnerabilities and convergence issues in the new environment as addressed under the implementation plan which has been proposed for the company. The study also includes the applicability of the system development life cycle (SDLC), gates and decision points in the mitigation process, as well as the implementation process. Finally, an implementation plan will be discussed by relating the implementation plan to CIA and incorporating people, processes, and technology to this plan.
Items beyond the Scope
There are a number of issues in the study which require in-depth analysis. First is the analysis of the materials of the previous studies. Secondly, more research is required to enhance understanding of the issue of the security implementation plan and the management process.
Projected Expenses
To enhance the effectiveness of this project, resources shall be used, including finances, manpower, and fixed facilities. However, for the purposes of this study, the resources will be defined in the monetary form and will be used for the day to day running of operations at Banks Solutions Inc. It is estimated that, the daily expense for this project will be $300, and that the general process of implementing the plan shall cost a total of $3 million. The total cost shall cater for the purchase of new equipment and the installation of the required software which will aid in the process of ensuring that all materials are well taken care of at the end.
Amount Proposed per piece Total pieces required Total Amount Purpose Total expenses
$300 30 days per month $9000 Daily Expenses for Maintenance $9000 per month
$1 Million 1 $1 Million Software Purchase $1 Million
$0.5 Million 1 $0.5 Million Software Installation and testing process $0.5 Million
$0.15 Million 10 $1.5 Million Machine Purchase $1.5 Million
Totals Expenses $ 3 Million + the daily expenses of $300

The System Development Life Cycle (SDLC)
The System Development Life Cycle (SDLC) is the process through which an information system can be developed. The process follows different steps which include the planning phase, the implementation phase and the maintenance phases (Radack, 2010). The System Development Life Cycle (SDLC) is very critical to the implementation of the set project plans including budgeting, documentation, as well as the information gathering processes. There are seven major phases of the System Development Life Cycle (SDLC), which include: planning, analysis, design, development, testing, implementation, and maintenance processes (Rhodes, 2012). The SDLC plan shall be used in the implementation of the security plan

Figure 1: The System Development Life Cycle (SDLC) Phases
. The planning phase involves the gathering of the required resources for the project. This includes both financial and human resources. The analysis phase shall involve the Assessment of the security problem at the company and propose an appropriate solution. The design phase shall involve the development of a security plan to address the security problem. The development, testing and implementation phases will involve the development and implementation of the designed solution. The final phase which is the implementation phase shall involve constant Assessments to maintain the health of the system. The figure below shows the proposed network for the company

Figure 2: Network Design

Schedule/Timeline for the Implementation Process
The implementation process for this project shall take a period of three months. In the period of three months, various activities shall have taken place. Some activities such as the surveying process of the environment, the analysis of the required materials for the job implementation, the market survey for the available products, and the purchasing of the products will be carried out in the first month. The second month shall include the assembling of the materials, as well as checking process for their functionality. The third month shall include the process of testing the viability of all the materials, correcting the available mistakes, and putting the system into use. The following chart shows the time, for the three months, spread over a time period of 12 weeks.

Figure 3: Implementation Chart
The chart above explains the various activities which shall take place within the period of three months, with the activities spread over the time of twelve weeks, which estimated to cover the three months. The small table below shows the activities to be undertaken in each month, and specifically, each week.
Month Week Activity
Month 1 Week 1 Surveying Process Of The Environment
Week 2 The Analysis Of The Required Materials For The Job Implementation
Week 3 The Market Survey For The Available Products
Week 4 The Purchasing Of The Products
Month 2 Week 1 & 2 Assembling Of The Materials
Week 3 & 4 Checking Process For The Material Functionality
Month 3 Week 1 Process Of Testing The Viability Of All The Materials
Week 2 Correcting The Available Mistakes
Week 3 & 4 Putting The System Into Use

Milestones in the SDLC
The completion of various activities in the project will mark the milestones, which will be indicators of the completion of various phases of the project. The first milestone will be the analysis of the security situation at Banks Solutions. This will give a full overview of the security situation at the company. The second milestone will be the development of the security plan to address the issues facing the company. The third milestone will be the design and development of a security plan using the SDLC process. The fourth milestone will be marked by the development of a testing plan for the proposed security plan and systems. The final milestone will be marked by the implementation process. The implementation process of the SDLC shall be used as the main point in the implementation of the strategy. During the implementation phase, all methods and resources required for the project will be determined and applied to evaluate the effectiveness of the project (Michigan Tech Information Technology, 2012). Through the implementation phase, various security strategies will be applied to ensure that information is fully secure.
Assumptions
A number of assumptions have been made in this project. First, it assumed that all the all the required materials for the project have been provided and ready for implementation. Another assumption is that all the challenges related to data security have been addressed and through the implementation process and a sustainable process of ensuring that there is effectiveness in the organization and the management of the information and data systems has already been put in place. Thirdly, it is also assumed that management related problems will not affect the success of the implementation plan.
Constraints
In most cases, the challenges which face the implementation of a project tend to delay the process of developing a successful project. The possible constraints to the project include the high cost of materials such as software and equipment, limited resources, lack of support from the management, poor cooperation from some of the employees and lack of skilled personnel to handle some of the tasks. According to Lau, and Kong (2013), project constraints can delay the implementation of a project.
Another constraint is the expanded scope of the project which has led to an increased demand for time. In most cases, when the scope is expanded, then the time needed to complete the study also becomes a major challenge (Raimondi et al., 2013). Another challenge facing the implementation of this project is the cost. The cost is very high for the deployment and maintenance phases. The schedule is also a major constraint towards the implementation of the project. The time allocated for the implementation process is not adequate therefore would require extra operations for it to be to be completed within the provided timeline.
Critical Project Barriers
There is a number of barriers which have been identified as being critical towards the implementation of the project. The outcome would be that they would delay the deployment and the effectiveness of the project. The first barrier is the lack of adequate communication and collaboration between various project stakeholders. Poor cooperation is a major source of breakdown in the operations in various projects (Khan et al., 2016). The second limitation involves the differences which might exist in the language, culture, time, as well as the geographical distance between the parties to be involved in the general implementation process of the project. Other limitations include ambiguity in the software design and development, the existence of software integration problems, and the existence of weak and poor monitoring and control mechanism installed for the project.
Conclusions
Many issues related to project implementation have been raised in this study. One of the most critical issues of concern is the importance of enhancing control measures and effectiveness in the process of ensuring that data and information are secure. The study has mainly been focused on the implementation of the security plan using the SDLC as a strategy for enhancing the effectiveness of the project plan. Cost implications which are critical to project implementation have also been discussed in detail.

References
Khan, M.I., Khan, S.U., Khan, W.A., and Qasim, I., (2016). Critical Barriers in Project Management Faced by Offshore Software Multi-Sourcing Vendors: A Detailed Study. Proceedings of the Pakistan Academy of Sciences: A Physical and Computational Sciences. Volume 53, Issue 3. pp. 267– 280.Online Access http://www.paspk.org/wp-content/uploads/2016/10/Critical-Barriers-in-Project.pdf
Lau, E., and Kong, J.J., (c. 2013). Identification of Constraints in Construction Projects to Improve Performance. Division of Science and Technology, City University of Hong Kong. Online Access https://www.irbnet.de/daten/iconda/CIB4451.pdf
Mäkelä, K.L., (2015). The Awareness and Importance of Information Security amongst Young Travellers. Degree Programme in Hotel, Restaurant, and Tourism. Online Access https://www.theseus.fi/bitstream/handle/10024/94305/Makela_Kaisu.pdf?sequence=1
Michigan Tech Information Technology, (c. 2012). System Development Lifecycle. System Development Lifecycle. Online Access https://www.mtu.edu/it/security/policies-procedures-guidelines/system-development-lifecycle.pdf
Pesante, L., (2008). Introduction to Information Security. Carnegie Mellon University. Online Access https://www.us-cert.gov/sites/default/files/publications/infosecuritybasics.pdf
Radack, S., (c. 2010). The System Development Life Cycle (SDLC). Computer Security Division: Information Technology Laboratory & National Institute of Standards and Technology. Online Access http://www.droancollegeuk.com/downloads/System-development-life-cycle.pdf
Raimondi, A., Chesani, F., and Woods, T., (2013). Deliverable D2.2 “Impacts, constraints, objectives and implementation strategies in Regional Planning: General Aspects”. Engineering the Policymaking Life Cycle. Online Access https://cordis.europa.eu/docs/projects/cnect/7/288147/080/deliverables/001-D22.pdf
Rhodes, D.L., (2012). The Systems Development Life Cycle (SDLC) as a Standard: Beyond the Documentation. SAS Global Forum 2012. Online Access http://support.sas.com/resources/papers/proceedings12/194-2012.pdf

Order | Check Discount

Tags: best custom paper writing service, best online paper writing service, best paper writing service, best research paper writing services, cheap research paper writing service, cheapest paper writing service