Evaluate the components of technical plans

Evaluate the components of technical plans

Purpose

The purpose of this assignment is to analyze various business frameworks for IT and Security. These frameworks are used for strategic alignment with organizational goals of delivering high quality products and services.

Assignment Instructions

Scenario

In this scenario, you are an IT manager of a mid-size adaptive manufacturing company. The yearly revenue for the company is $15M, and there are 100 employees many of which are research and development personnel. You have been asked by upper management to put the plan together for a single integrated framework since there are continuous changes in technology, not to mention the pressure from suppliers and your customers. In this assignment, you will conduct research on different business frameworks for managing IT. Pick two frameworks and write a compare and contrast paper to present to management, so they can make an informed decision. Frameworks that you can pick from are COBIT5®, ITIL®, VAL IT®, Risk Frameworks®, TOGAF®, PRINCE2®, NIST Cybersecurity Framework® or any other framework you find that is applicable.

Assignment Requirements

Write an APA style compare and contrast paper to present to upper management so that an informed decision can be made on a business framework for IT and Security. You must choose two frameworks and identify three similarities and three differences. In addition, you will explain why you would pick one of the two frameworks by writing a compelling argument for one over the other. Be sure to use at least three examples in your argument. The paper should be at least five pages long not including the title page and references pages.

Solution Preview

Business Frameworks for IT and Security

Introduction

An information security framework is a model of documented and agreed procedures, policies, and processes defining how information should be managed within an organization to reduce vulnerability and risks, and increasing interconnectedness (Al-Ahmad & Mohammad, 2012). As such, different security frameworks have been designed to meet organizational needs and avert the challenges associated with running information security programs. These range from application security to encryption, to disaster recovery and ensuring business continuity. Besides, the integration of information security frameworks ensures compliance with regulatory requirements including PCI DSS (Al-Ahmad & Mohammad, 2012). Moreover, IT personnel can exploit these frameworks to outline and prioritize organizational tasks relative to security. To address specified information security challenges within organizations, frameworks are customized to meet company needs (Shackelford et al. 2015).

(1,633 words)