Security Planning
Project Snapshot –
A security plan defines the practices, procedures, and recommended actions necessary to ensure a secure working network environment. The contents of the security plan are derived from the risk assessment process. Format and content of the security plan comply with government standards, including the Office of Management and Budget (OMB) Circular A-130, "Management of Federal Information Resources," Appendix III, "Security of Federal Automated Information Systems."
Results from risk and vulnerability assessments establish the foundation of a comprehensive security plan which defines the practices, procedures, and recommended actions to ensure a secure network environment. Vulnerabilities identified define the security design and improvement development activities. Areas of improvement include secure authentication schemes, link and/or point-to-point encryption, inclusion of firewalls, and additional vendor patches to critical IT software.
