This essay focuses on the maturity level of an organization’s business.the construction function assessment worksheet in Figure 10-2 earlier
In chapter 10, you learned how SAMM is used to assess the current level of maturity for an organization’s software assurance. Now, create a report that assesses the maturity level of an organization’s business function based on the project outlined in Appendix A. To help develop the report, use the construction function assessment worksheet in Figure 10-2 earlier in this chapter or a worksheet from another SAMM business function, as determined by your instructor. Your instructor may specify criteria that you need to include in your report. Part 2 Suggest a baseline set of security controls for the project outlined in Appendix A. Specifically, categorize the sensitivity level for the project using.
It is the approaches outline in FIPS 199 and develop a final statement .It is for the appropriate baseline (low, moderate, or high). Then justify your selection base on your assess- ment of the project. The information’s impact levels and any perceive threats in the project environment. Next, use the rating to select a baseline set of domains from FIPS 200. All of the domains may not be required because the organization. It is in the case is already performing some of the recommended activities.
Using the scoping guidance and recommended controls. It is in NIST 800-53 as a reference, construct a model control baseline for some aspect of the project. Include a justification for the scope and control set you select. In addition to the model controls, provide a plan. This for tailoring them to the precise requirements of the organization’s security. Provide a rationale for the tailoring approach as well as a method for ensuring that the controls are correctly and persistently established in the example organization