The CISO of the organization reaches out to you, the senior information security officer, and tasks you with creating an agency-wide security awareness program. He states that he will give you all of his support to complete this project (remember, this is the first component of security awareness program). He hands you a security gap analysis (the second component of a security awareness program) that was conducted, which shows 10 major security findings. These 10 deficiencies will be translated into deliverables in the SOW. The CISO asks you to develop the SOW in order to establish the foundation for developing the agency’s security awareness program. (See the Case Document for more details on the gap analysis.)
Based on the scenario provided in the Case Document, develop the SOW. Be sure to include the purpose of the proposal, address the security concerns of the chief executive officer (CEO), explain why the security awareness proposal will be vital to the organization, describe how the security posture will be addressed, clarify how human factors will be assessed, and list any organizational factors that will contribute to the status of the security posture. The SOW should also address the scope of the work, project objectives, business needs, business goals, technical requirements, deliverables, tasks to achieve the deliverables, high-level schedule of completing the deliverables and tasks, and personnel and equipment requirements. The SOW will serve as the basis for developing the final proposal.
Students may use this SOW template as an example to guide them in completing this milestone. However, all work should be original.
For additional details, please refer to the Case Document, the Final Project Document, and the Milestone One Rubric document in the Assignment Guidelines and Rubrics section of the course.