You are tasked with developing a security governance framework for a global e-commerce platform
that handles sensitive customer information. Write a seven to nine-page paper addressing the following questions:
1. Evaluate the e-commerce platform’s compliance with global cybersecurity regulations, including GDPR,
PCI DSS, and other relevant standards. Discuss strategies for maintaining compliance across diverse
geographical regions.
2. Propose security measures to protect payment card data processed by the e-commerce platform. Discuss
encryption, tokenization, and secure payment processing practices to prevent payment fraud and
unauthorized access.
3. Develop guidelines for ensuring customer data privacy and obtaining appropriate consent for data
processing. Discuss the importance of transparent privacy policies, data minimization, and user consent
management.
4. Propose an incident response plan tailored for security incidents affecting customer data. Discuss
communication strategies for promptly informing customers about security incidents while maintaining
trust and transparency.
5. Assess the security practices of third-party vendors that the e-commerce platform collaborates with.
Discuss strategies for ensuring the security of customer information throughout the supply chain and
vendor relationships.
Ensure that your papers provide practical recommendations and considerations for the speci2ed scenarios. Use
relevant industry standards, best practices, and case studies to support your analysis and suggestions.
Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all
sides; citations and references must follow APA or school-specific format. Check with your
professor for any additional instructions.
• Include a cover page containing the title of the assignment, the student’s name, the professor’s
name, the course title, and the date. The cover page and the reference page are not included in
the required assignment page length.
The specific course learning outcomes associated with this assignment are:
• Compare and contrast the methods of disaster recovery and business continuity.
• Explain risk management in the context of information security.
• Use technology and information resources to research issues in disaster recovery.
• Write clearly and concisely about disaster recovery topics using proper writing mechanics and
technical style conventions.
Grading for this assignment will be based on answer quality, logic / organization of the paper, and
language and writing skills, using the following rubric