Assingments % - Develop elements of a Cyber Security Awareness Plan for an organization.

Develop elements of a Cyber Security Awareness Plan for an organization. This can be either for building a new security awareness program or for improving an existing one. Base this Security Awareness Plan on an organization you currently work for, or one you have worked for in the past. Anonymizing the organization is fine and has no impact on your grade. Our goal is for you to create a plan that your organization can actually use. Another option is to create a Security Awareness Plan for an organization you are familiar with and that could benefit from your assignment, perhaps your local church, kid’s club, or school system.
The assignment should be in 12-point font, about 5-7 pages. We recommend submitting a draft of your assignment to the writing specialist before turning in the final assignment, though this is not required. When you receive feedback from the writing specialist, address the suggested edits, making sure to review and delete all comments before uploading the final version for grading.
Assume the person who is reading your Security Awareness Plan is a business leader, someone who is non-technical and most likely does not know what a Security Awareness Program is or how it benefits their organization. In some cases they may not fully understand the concepts and value of cybersecurity in general. In addition, providing a title page and table of contents can help, just as you would for a full plan.
Your Security Awareness Plan should should be uploaded as a single document (Word or PDF) and include the following sections in this order:
README
Please provide a simple README at the very beginning of your plan, explaining the following points:
The organization you picked.
Why you picked it.
The industry it is in.
How many employees (must have 25 people or more).
If the program is global
Are you building a new program or improves an existing one.
The README is not part of your grade but helps us better understand the context of your project plan.
Project Plan
A fully detailed program plan for an enterprise deployment could easily be 20-30 pages. Such a comprehensive document would be excessive for this class, so instead, we ask you to submit the parts of the plan we feel are the most important and students benefit from the most (listed below).
We encourage you to leverage the examples in your class Lab Workbook and the class Digital Download Package. Remember you are developing these plans for business leaders. This means the person reading your plan may not be technical and may not know or understand what an awareness program is. Your Project Plan section needs to include the following subsections in this order:
Executive Summary (1 page)
This section aims to provide leadership with a high-level overview of your plan.
Engagement / Training Strategies (2-3 pages)
The section should describe your program’s overall engagement and training strategy.
Metrics (1-2 pages)
Why will you collect metrics, and how will they be used strategically? What was your process in selecting the metrics? Why these metrics and not others?
Learning Objectives (1 page)
Select a key human risk your organization needs to manage and create a Learning Objectives document for that specific risk.

Struggling with where to start this assignment? Follow this guide to tackle your assignment easily!

Step-by-Step Guide to Writing Your Security Awareness Plan

Step 1: Understand the Assignment Requirements

Before you start writing, carefully review the instructions. Your assignment should:

Be 5-7 pages long in 12-point font.
Be written for business leaders who are non-technical.
Include a README section and a structured Project Plan.
Follow a clear sequence of sections: README, Executive Summary, Engagement/Training Strategies, Metrics, and Learning Objectives.

Step 2: Draft Your README Section (Not Graded, but Required)

The README section provides context for your Security Awareness Plan. Answer the following questions:

What organization did you pick? (Anonymizing is fine.)
Why did you choose this organization?
What industry is it in?
How many employees are there? (Must have at least 25 employees.)
Is the program global?
Are you creating a new program or improving an existing one?

Step 3: Write the Executive Summary (1 Page)

This section gives leadership a high-level overview of your plan. Include:

Purpose: Why is this plan necessary?
Scope: What does the plan cover?
Key Benefits: How will this plan help the organization?
Brief Overview: Summarize the main components.

Step 4: Develop Engagement & Training Strategies (2-3 Pages)

Describe how the organization will engage employees and provide training.

Awareness Campaigns: How will you educate employees about cybersecurity risks?
Training Methods: Online courses, in-person workshops, phishing simulations, newsletters, etc.
Target Audience: Will all employees receive the same training, or will it vary based on roles?
Implementation Timeline: How and when will training be rolled out?

Step 5: Define Metrics (1-2 Pages)

Explain how you will measure the success of the Security Awareness Plan.

What metrics will you collect? Examples: phishing test pass rates, policy compliance rates, number of reported security incidents.
Why these metrics? Justify their selection.
How will the data be used? Show how the organization will adjust strategies based on the results.

Step 6: Establish Learning Objectives (1 Page)

Choose a key human risk (e.g., phishing attacks, weak passwords, social engineering) and outline learning objectives:

What should employees know?
What behaviors should they adopt?
How will success be measured?

Step 7: Format and Finalize Your Document

Include a Title Page and Table of Contents.
Ensure clear headings and subheadings for readability.
Submit as a single Word or PDF file.
If possible, submit a draft to the writing specialist for feedback.
Review feedback, make edits, and delete comments before submitting.

By following this structured approach, you will create a well-organized and effective Security Awareness Plan that meets all assignment requirements!