Information Security – outsourcing information Discussion

TASK TO BE DONE: – READ CHAPTERS 1-5 and DO ASSIGNMENT, DISCUSSION 1, 2 & 3

Theme: Governance and Basic Security Concepts

Readings: Chapple, Chapters 1-5

Requirements:

Security is ever evolving. This first week will introduce you to a number of concepts that you’ll need to grasp as you move through this course. These are the building blocks. Make sure you feel comfortable with each topic. If you have any questions, please make sure you get in touch and ask.

ASSIGNMENT: –

Risk assessments are an in-depth necessity in today’s business operation. Discuss the need to perform a balanced risk assessment. What are the techniques that can be used and why is this necessary?

Your paper should be 3-4 pages long and include sources.

DISCUSSION 1:

You read that there are a plethora of laws, both domestic and international, that can and do affect our business.

Thinking about the legal aspects, what are some common questions that organizations should ask when considering outsourcing information storage, processing, or transmission? Explain why these questions are important.

DISCUSSION 2: –

Security Governance provides the framework for Information Security. Based on your reading, research and personal knowledge, what is necessary for a robust Security Governance program? What frameworks are available? From your research, of the various frameworks available, which would you want to pursue for use in your organization? Why?

DISCUSSION 3: –

In your reading for this week, you found that policies, procedures, standards and guidelines are all necessary for a thorough information security program. Please find a sample of a security standard, policy or guideline from your current work (preferably, if it is okay to share with the class) or online if necessary. In your post, please attach the document and then tell us why the policy as written sufficiently provides guidance for the intended audience to be able to follow the edict in the document; or conversely, does not provide sufficient guidance. Does it need additional topics covered? Does it make sense? Will it help secure the information intended? What makes it a good document? Or what is possibly lacking?