Using the case study (attached) and NIST SP 800-53, Identify

Using the case study (attached) and NIST SP 800-53, Identify and prioritize IT Securitycontrols that should be implemented. Discuss any applicable US Governmentregulations/standards that apply to this organization (The organization is fromProject 1)Step 1: Review the selected case study and describe atleast 10 issues related to security, interoperability, and operations.Step 2: Prioritize and articulate the selected requirementsbased on immediate need, security posture, complexity, resource availability,and cost.Step 3: Identify at least 4 applicable governmentregulations/ standards that govern how the requirements must be met, implemented,or measured. Provide rationale for why these are applicable.Step 4: Using NIST Special Publication 800-53 select atleast 4 security controls that relate to these issues and describe how thesecontrols enhance the security posture or facilitates the secure implementationof these requirements.The deliverable for this case study assignment will be a minimum 5 page,double-spaced paper using Times New Roman 12 font and APA style formatting forcitations and references. It will also include a minimum of 5 references. TheTitle/Cover page, illustrations (tables/charts/graphs), or references are notpart of the page count but are required for the assignment. The grading rubricprovides additional details as to what should be included in the paper. Yourinstructor may provide an APA style template to use for this paper.RUBRICSecurity, Interoperability, and Operations IssuesLevel 5Level 4Level 3Level 2Level 1Issues10 pointsIdentifies at least 10 issues based on the case study. 8 pointsIdentifies at least 8 issues based on the case study. 6 pointsIdentifies at least 6 issues based on the case study. 3 pointsIdentifies at least 3 issues based on the case study. The discussion lacked detail and/or was not well supported by information drawn from authoritative sources.0 pointsDoesn’t identify any issues based on the case study. Relationship12 pointsClearly describes and relates issues to security, interoperability and operations.9 pointsBasically describes and relates issues to security, interoperability and operations.6 pointsWeakly describes and relates issues to security, interoperability and operations.3 pointsLittle description or related issues to security, interoperability and operations. (Or, inappropriate or excessive copying from other authors’ work.)0 pointsNo description or relationship of issues to security, interoperability and operations.RequirementsLevel 5Level 4Level 3Level 2Level 1Prioritization12 pointsClearly prioritizes and articulates the issues as requirements based on immediate need, security posture, complexity, resource availability and cost.9 pointsBasically prioritizes and articulates the issues as requirements based on immediate need, security posture, complexity, resource availability and cost.6 pointsWeakly prioritizes and articulates the issues as requirements based on immediate need, security posture, complexity, resource availability and cost.3 pointsLittle prioritization or articulation of the issues as requirements based on immediate need, security posture, complexity, resource availability and cost. (Or, inappropriate or excessive copying from other authors’ work.)0 pointsNo prioritization or articulation of the issues as requirements based on immediate need, security posture, complexity, resource availability and cost.Applicable Regulations and StandardsLevel 5Level 4Level 3Level 2Level 1ID Applicable Government Documents5 pointsIdentifies at least 4 government regulations and standards.4 pointsIdentifies at least 3 government regulations and standards.2 pointsIdentifies at least 2 government regulations and standards.1 pointIdentifies at least 1 government regulation or standard. (Or, inappropriate or excessive copying from other authors’ work.)0 pointsNo government regulations or standards identified.Rationale Used12 pointsClearly identifies applicable government regulations and standards that govern how the requirements must be met, implemented or measured. Must provide the rationale for selecting the documents.9 pointsBasically identifies applicable government regulations and standards that govern how the requirements must be met, implemented or measured. Must provide the rationale for selecting the documents.6 pointsWeakly identifies applicable government regulations and standards that govern how the requirements must be met, implemented or measured. May provide the rationale for selecting the documents.3 pointsLittle identification of applicable government regulations and standards that govern how the requirements must be met, implemented or measured. May provide some rationale for selecting the documents. (Or, inappropriate or excessive copying from other authors’ work.)0 pointsDoesn’t identify any applicable government regulations and standards that govern how the requirements must be met, implemented or measured. Doesn’t provide the rationale for selecting the documents.Cites Regulations and Standards5 pointsClearly cites all government regulations and standards used.4 pointsBasically cites all but 1 government regulation or standard used.2 pointsCites all but 2 government regulations or standards used.1 pointCites just 1 government regulation or standard used. (Or, inappropriate or excessive copying from other authors’ work.)0 pointsDoesn’t cite any government regulations or standards.ControlsLevel 5Level 4Level 3Level 2Level 1Defines Controls12 pointsIdentifies at least 4 appropriate NIST controls and links them to each issue using logic. 9 pointsIdentifies at least 3 appropriate NIST controls and links them to each issue using logic.6 pointsIdentifies at least 2 appropriate NIST controls and links them to each issue using logic.3 pointsIdentifies at least 1 appropriate NIST control and links it to each issue using logic. (Or, inappropriate or excessive copying from other authors’ work.)0 pointsDoesn’t identify any appropriate NIST controls or links them to the issue using logic.Rationale for Control12 pointsClear and detailed rationale as to how those controls mitigate the risk identified.9 pointsBasic description of rationale as to how those controls mitigate the risk identified.6 pointsWeak description of rationale as to how those controls mitigate the risk identified.3 pointsLittle description and rationale as to how those controls mitigate the risk identified. (Or, inappropriate or excessive copying from other authors’ work.)0 pointsNo description or rationale as to how those controls mitigate the risk identified.Finds and Applies KnowledgeLevel 5Level 4Level 3Level 2Level 1Use of Authoritative Sources5 pointsUsed at least 5 authoritative or scholarly sources in paper. One must be NIST SP 800-53. No APA style errors in sources.4 pointsUsed at least 3 authoritative or scholarly sources in paper. One must be NIST SP 800-53. No more than 1 APA errors in sources.2 pointsUsed at least 2 authoritative or scholarly sources in paper. One must be NIST SP 800-53. No more than 2 APA errors in sources.1 pointMay have used 1 authoritative or scholarly source in paper. May use NIST SP 800-53. May not have used APA style formatting.0 pointsNo authoritative or scholarly sources used in paper. NIST SP 800-53 not mentioned.Citation of Sources5 pointsAll sources cited. No errors in citing material in paper.4 pointsAll but 1 source cited. Had no more than 5 citing errors in paper. 2 pointsAll but 2 sources cited. Had no more than 10 citing errors in paper.1 pointAll but 3 sources cited. Had less than 15 APA citing errors in paper.0 pointsNo sources cited or had more than 15 APA citing errors in paper.Organization, Execution and AppearanceLevel 5Level 4Level 3Level 2Level 1Formatting5 pointsPrepared MS Word document, used consistent formatting, section subheadings, submitted one file, used instructor provided template, correct coversheet and separate reference page and meets minimum page count.4 pointsMS Word document didn’t follow up to two (2) of the following: used consistent formatting, section subheadings, submitted one file, used instructor provided template, correct coversheet and separate reference page and meets minimum page count. 2 pointsMS Word document didn’t follow up to four (4) of the following: used consistent formatting, section subheadings, submitted one file, used instructor provided template, correct coversheet and separate reference page and meets minimum page count. 1 pointMS Word document followed only one (1) of the following: used consistent formatting, section subheadings, submitted one file, used instructor provided template, correct coversheet and separate reference page and meets minimum page count. 0 pointsNon MS Word document didn’t any of the following: used consistent formatting, section subheadings, submitted one file, used instructor provided template, correct coversheet and separate reference page and meets minimum page count. Grammar and Punctuation5 pointsNo grammar, use of first/second person, spelling or punctuation errors. 4 pointsLess than 5 grammar errors, use of first/second person, spelling or punctuation errors. 2 pointsLess than 10 grammar errors, use of first/second person, spelling or punctuation errors. 1 pointLess than 15 grammar errors, use of first/second person, spelling or punctuation errors. 0 pointsMore than 15 grammar errors, use of first/second person, spelling or punctuation errors.Overall ScoreLevel 514 or moreLevel 411 or moreLevel 38 or moreLevel 25 or moreLevel 10 or more