As the CISO of a health care facility you are tasked with using the information from the artifacts developed in the previous weeks, as well as the New

As the CISO of a health care facility you are tasked with using the information from the artifacts developed in the previous weeks, as well as the NewTab Project Profile, to complete the following:

Evaluate the requirements for a strategic plan.Create a strategic plan for the information security program supporting the organization’s business objectives.Develop a financial model for the investments needed to support the information security program in alignment with the strategic plan.

Part A: Strategic Plan

Create a 3- to 4-page information security strategic plan that includes the following components:

Purpose of the strategic planMajor components in the information security organization, including the following:Security managementSecurity governance, compliance, and policiesRisk managementSecurity operations center (SOC), including SIEM capabilitiesRequired information security personnel for each componentRecommended initiatives for improving the health care organization’s information security posture based on the POA&M from the Wk 2 – Security Assessment Plan assignment, including the following:Mitigation actionsCost for each mitigationEstimated time frame for completion of each initiative

Part B: Financial Model

Create a 3- to 4-page financial plan for the operation of the information security department as defined in Part A. Include the following:

Description of each cost category along with the total annual operating costsEstimated annual operating costs for supporting the information security department based on the information in Part A

Note: A table is recommended for portraying the annual operating budget of the information security organization.

Cite any references according to APA guidelines.