MGT 433: Grading Rubric

MGT 433:

MGT 433: Building, Deploying and Maintaining a High Impact Awareness Program - Grading Rubric

V1.2 - 06 June, 2012

Below is the assignment that covers BOTH the substitute for the exam and the written assignment for M433 Building, Deploying and Maintaining a High-Impact Security Awareness Program:

Note: We strongly suggest you develop this plan for your organization. If that is not possible, we recommend you plan a security awareness program for a local non-profit or community organization. The intent of this assignment is to have your work directly benefit an organization. If neither option is possible, then a case-study point of view is acceptable. It is expected this project will take 5-10 hours.

You will develop and deliver a customized security awareness plan for a specific organization based on the process covered in MGT 433. This plan can be either designed for a new program or improving an existing one. The plan must include, but is not limited to the following information.

  1. Develop a Project Charter.
  2. Identify Key Stakeholders & Steering Committee members.
  3. Identify the key roles you will be targeting for the awareness training. (WHO).
  4. Identify the top ten topics that will have the greatest impact for one of the roles you identified in Step 2. Be sure to include an explanation of why you picked these ten topics as the most important and a learning objectives document for each of the top ten topics. (WHAT)
  5. Identify how you will communicate those topics for the target (HOW). Specifically what will be the primary and reinforcement training?
  6. Develop and document a project schedule, including initial roll-out milestones, annual training scheduling, and reinforcement training timeline. You are not required to have specific dates, instead we are looking to ensure you include all key milestones and proper time and order for each of the activities.
  7. Develop and document a plan for the annual review of your security awareness program. Specifically when and how you will update and improve both what you communicate and how.
  8. Develop and document a plan for metrics and measuring both the deployment and the impact of your security awareness program.

The project should be delivered as a .zip compressed file containing the following five documents:

  1. Projectcharter.
  2. Stakeholder matrix.
  3. Steering Committee matrix.
  4. Execution plan documenting WHO, WHAT, HOW, project schedule, annual update process and metrics. This is the document that is ultimately sent to your management for review and approval. This is the plan that you will use to deploy your awareness program.
  5. Single document containing the learning objectives for each of the ten topics identified as part of WHAT. Be sure to have each new topic start on a new page in the document for easier reading. This document is one of the primary resources you use for developing your content.

As a resource to assist you with this assignment you can use the execution planning template and all other planning resources located at http://securingthehuman.sans.org/resources/planning.