Gap Analysis

Project #1: Gap Analysis
Instructions
Read the Case Study posted for this assignment (Case Study_Bank Solutions Disaster Recovery and Business Continuity –Projects 1 – 4.docx). Determine the information technology/security gaps and develop a security strategy that includes issues relating to confidentiality, integrity, and availability (CIA), and that includes the key elements relative to People, Process, and Technology.

Step by Step:
Step 1: Describe the key issues/challenges/risks from this case study.
Step 2: Based on the information provided in the case study, describe and document the recommended security strategy to mitigate the issues/challenges identified.
Step 3: Describe the proposed security solutions and relationship to the case study.
Step 4: Document a detailed, proposed timeline for addressing each element of the strategy that you identify. Provide estimates for implementing recommended strategies, with rationale. Include what resources are necessary for completing each task in the timeline.
Step 5: Provide a high-level recommendation regarding the next steps to take in mitigating risks identified.
Additional Information
Consult the grading rubric (attached under files section) for specific content and formatting requirements for this assignment.
Your 5 – 8 page Gap Analysis paper should be professional in appearance with consistent use of fonts, font sizes, margins, etc. You should use headings and page breaks to organize your paper.
Your paper should use standard terms and definitions for cybersecurity. See Course Content > Cybersecurity Concepts Review for recommended resources.
The CSIA program recommends that you follow standard APA formatting since this will give you a document that meets the “professional appearance” requirements. APA formatting guidelines and examples are found under Course Resources > APA Resources. An APA template file (MS Word format) has also been provided for your use CSIA_Basic_Paper_Template(APA_6ed,Nov2014).docx.
You must include a cover page with the assignment title, your name, and the due date. Your reference list must be on a separate page at the end of your file. These pages do not count towards the assignment’s page count.
You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.
You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must follow a consistent citation style (APA, MLA, etc.).

You may also use the sources below to complete this assignment:
Source Links:
Bank Solutions Disaster Recovery and Business (Case Study–CSIA 485 Projects 1 – 4)
NIST Cybersecurity Framework
NIST CSF Profile For Financial Services Industry (presentation)
https://www.aba.com/banking-topics/technology/cybersecurity?old=Documents/Financial-Services-Sector-Cybersecurity-Profile-Overview-User-Guide.pdf

Security and Privacy Controls for Federal Information Systems and Organizations (SP 800-53 r4)
Practice Guide: Financial Services: IT Asset Management (Executive Summary for NIST SP 1800-5a)
Chapters 1-4 in Practice Guide: Financial Services: IT Asset Management (NIST 1800-5b, draft)