Answer & Explanation:Critique needed: A System Security Plan (SSP) in a guideline for different systems, system controls, and organizational responsibilities/ requirements for said system (“System Security Plan”, 2003). Essentially, a SSP provides a baseline on how an organization should be controlling, utilizing, and managing a system. This policy is essential for an organization to effectively manage the multitude of systems that are used within the business. Red Clay Renovations uses many different systems to control it’s business such as billing, home development, IT, or project management. Each of these systems has to have individual rules, member responsibility, and guidelines. In order to effectively manage these systems, the individual needs of the system and the department who utilizes them needs to be considered. The security needs of the data being used will be different for departments who handle financial information versus a department that handles medical information. Due to the fact that department, system, and data needs will vary between departments, it is not feasible to place a “one size fits all” security approach among multiple departments. A general policy would open departments with sensitive information to vulnerabilities. References”System Security Plan”. (2003, April 1). Retrieved from https://www.sans.org/projects/systemsecurity.php
