Project 4: System Development or Application Assurance
Project 4: System Development or Application Assurance is a 1week project that explores cybersecurity implications related to software application development or procurement from the cybersecurity risk perspective. The deliverable in Project 4 is a documented procurement process that supports all three of the previous project results. The objective is to demonstrate the value-add of a procurement process that includes security principles, methods, and tools as used in the software development life cycle.
Project 4: System Development or Application Assurance
Start Here
It is critical that cybersecurity professionals be able to use all applicable systems, tools, and concepts to minimize risks to an organization’s cyberspace and prevent cybersecurity incidents. In this project, you will demonstrate your understanding of how to apply security principles, methods, and tools within the software development life cycle. You will also apply your knowledge of the cybersecurity implications related to procurement and supply chain risk management.
This is the fourth and final project for this course. There are 13 steps in this project. Begin below to review your project scenario.
scenario
System Development or Application Assurance
Your vulnerability assessment has been completed, and it’s a good thing, because you found several system weaknesses in the area of application software security.
If these weaknesses were exploited, it could ruin your company’s reputation. Not to mention causing major disruptions to operations and unexpected costs.
You plan on following up on these issues this afternoon, but it’s about lunchtime, so you head out for a quick bite to eat.
You pass by Maria Sosa’s office and see her at her desk. You knock on her door frame, peek inside, and ask if she has a minute. Maria motions to you. “Come on in.”
“What brings you to my office?”
You give her a high-level overview of your findings, and tell her that after lunch, you plan to start taking an even closer look.
Maria says: “That sounds great. Can you write up your analysis and recommendations for solutions? I’d like to share this with important stakeholders at the executive meeting next week. How does that sound?”
You nod in agreement. Then you make a beeline back to your office and grab an energy bar from your desk. You need to prepare for your presentation for the meeting next week.
Competencies
Your work will be evaluated using the competencies listed below.
? 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment.
? 1.5: Use sentence structure appropriate to the task, message and audience.
? 2.4: Consider and analyze information in context to the issue or problem.
? 9.4: Software Security Assurance: Demonstrate secure principles, methods, and tools used in the software development life cycle.
? 9.5: Software Security Assurance: Describe the cybersecurity implications related to procurement and supply chain risk management.
Artifacts to submit for this project
1) Software vulnerability assessment
2) Procurement policy list
3) Software acceptance policy
4) Test script procedures
5) Supply chain cyber security risk report
6) Acquisition alignment report
7) Supply chain risk mitigation final report
THIS IS WHAT IS REQUIRED FOR THE LAST
ARTIFACT. That is NUMBER 7 artifact above (Supply Chain Risk Mitigation Final Report)
Project 4: Supply Chain Risk Mitigation Final Report
Top of Form
|
Turnitin? |
|
|
|
Rubric Name: Supply Chain Risk Mitigation Final Report
Print Rubric
This table lists criteria and criteria group names in the first column. The first row lists level names and includes scores if the rubric uses a numeric scoring method. You can?give feedback on each criterion by tabbing to the add feedback buttons in the table.Competency
Exceeds Performance Requirements
Meets Performance Requirements
Does Not Meet Performance Requirements
1.1: Organize document or presentation in a manner that promotes understanding and meets the requirements of the assignment.
1.5: Use sentence structure appropriate to the task, message and audience.
2.4: Consider and analyze information in context to the issue or problem.
9.4: Demonstrate secure principles, methods, and tools used in the software development life cycle.
9.5: Describe the cybersecurity implications related to procurement and supply chain risk management.
Overall Score
Overall Score
Feedback
|
Associated Learning Objectives |
|
|
|
1.1.1: Present material in clear and/or logical order appropriate to task. |
|
Assessment Method:??Score on Criteria – 1.1: Organize document or presentation in a manner that promotes understanding and meets the requirements of the assignment. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
|
|
Assessment Method:??Score on Criteria – 1.1: Organize document or presentation in a manner that promotes understanding and meets the requirements of the assignment. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
|
|
Assessment Method:??Score on Criteria – 1.1: Organize document or presentation in a manner that promotes understanding and meets the requirements of the assignment. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
1.1.4: Transition smoothly and develop connections from point to point. |
|
Assessment Method:??Score on Criteria – 1.1: Organize document or presentation in a manner that promotes understanding and meets the requirements of the assignment. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
1.1.5: Create coherent progress from introduction through conclusion. |
|
Assessment Method:??Score on Criteria – 1.1: Organize document or presentation in a manner that promotes understanding and meets the requirements of the assignment. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
|
|
Assessment Method:??Score on Criteria – 1.1: Organize document or presentation in a manner that promotes understanding and meets the requirements of the assignment. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
|
|
Assessment Method:??Score on Criteria – 1.5: Use sentence structure appropriate to the task, message and audience. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
|
|
Assessment Method:??Score on Criteria – 1.5: Use sentence structure appropriate to the task, message and audience. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
1.5.3: Eliminate sentence-level errors such as run-ons/comma splices and sentence fragments. |
|
Assessment Method:??Score on Criteria – 1.5: Use sentence structure appropriate to the task, message and audience. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
2.4.1: Articulate clearly and fairly others’ alternative viewpoints and the basis of reasoning. |
|
Assessment Method:??Score on Criteria – 2.4: Consider and analyze information in context to the issue or problem. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
2.4.2: Identify significant, potential implications, and consequences of alternative points of view. |
|
Assessment Method:??Score on Criteria – 2.4: Consider and analyze information in context to the issue or problem. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
2.4.3: Evaluate assumptions underlying other analytical viewpoints, conclusions, and/or solutions. |
|
Assessment Method:??Score on Criteria – 2.4: Consider and analyze information in context to the issue or problem. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
9.4.1: Determine when to perform risk analysis during an application or system change. |
|
Assessment Method:??Score on Criteria – 9.4: Demonstrate secure principles, methods, and tools used in the software development life cycle. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
9.4.2: Evaluate security implications in the software acceptance phase. |
|
Assessment Method:??Score on Criteria – 9.4: Demonstrate secure principles, methods, and tools used in the software development life cycle. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
|
|
Assessment Method:??Score on Criteria – 9.4: Demonstrate secure principles, methods, and tools used in the software development life cycle. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
|
|
Assessment Method:??Score on Criteria – 9.5: Describe the cybersecurity implications related to procurement and supply chain risk management. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
9.5.2: Describe appropriate supply chain risk management practices. |
|
Assessment Method:??Score on Criteria – 9.5: Describe the cybersecurity implications related to procurement and supply chain risk management. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
|
|
Assessment Method:??Score on Criteria – 9.5: Describe the cybersecurity implications related to procurement and supply chain risk management. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
|
|
Assessment Method:??Score on Criteria – 9.5: Describe the cybersecurity implications related to procurement and supply chain risk management. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
|
|
Assessment Method:??Score on Criteria – 9.5: Describe the cybersecurity implications related to procurement and supply chain risk management. |
|
|
Required Performance:??Meets Performance Requirements |
|
|
|
|
|
Assessment Method:??Score on Criteria – 9.5: Describe the cybersecurity implications related to procurement and supply chain risk management. |
|
|
Required Performance:??Meets Performance Requirements |
|
Submit Assignment
Bottom of Form
