This paper is for a CISSP class and requires you to analyze the attached case study and respond accordingly.
You must demonstrate your knowledge and understanding of the 10 domains by referencing and connecting your response to the applicable domains
You must make a compelling case as to the values your department can bring (in terms of security and specifically the financial burden of security breaches) over an integrator that can provide services at 40% less than annual cost. Your position is that diminishing internal IT services risks security and strategic capability
Plan your arguments and locate credible references to support these (Wikipedia is not considered an academically credible reference, nor is a personal blog)
APA or MLA style will be acceptable
An Introduction and Summary in addition to the body content of the paper.
At a MINIMUM, ensure you do the following.
• Identify the organizational assets
• Describe the current organizational security posture and discuss the interrelationship between data and operations.
• Describe the problems that GDI is having and emphasize the negative monetary impact
• Assess the organizational risks posed by utilizing Software as a Service (SaaS), Infrastructure as a Service (IaaS), and how Confidentiality, Integrity, and Availability of the information system could be compromised. (see CIA Triangle)
• Recommend a mitigation strategy based on utilizing an in-house IT. In your strategy, also include a solution to virtualize datacenters (elaborating on the security benefits, High Availability, cost savings)