Organization and develop an information security strategy

Assignment Help Basic Computer Science
Reference no: EM13936431

The task is to carry out an information security risk assessment for an organization and develop an Information Security Strategy for that organization. This should include, at least:
a prioritized list of the risks identified (4 - 5 information risks) as follows:

i) Identify & analyse information risks with clear identification of assets, vulnerabilities and threats (TVA analysis). When you identify these risks make sure to classify them properly (for example, loss of information is a general risk, so you should clarify if it is loss of confidentiality, integrity or Availability).

ii) Give an estimate of single loss expectancy (SLE), annualized rate of occurrence (ARO) and then calculate the annualized loss expectancy (ALE). SLE & ARO should be justified form previous info. sec reports such as 2014 Information security breaches survey (https://www.pwc.co.uk/audit-assurance/publications/2014-information-security-breaches-survey.jhtml)
a list of specific controls that should be put in place, and any relevant guidance on how the controls should be implemented, along with clear rationales, in terms of costs and benefits, for the choices that have been made (see control examples).
an outline of the information security policies that should be established.

an audit strategy for the controls that have been proposed.

a suitable incident response plan.

You should make use of whatever accepted industry or international standards you feel are appropriate in carrying out this task, but either COBIT 5 or ISO 27000 series standards, or a combination of both are recommended.

If you feel that additional areas need to be addressed in the strategy, then please add them, with a brief explanation of why.

In selecting an organization to focus on, you may choose a specific organization with which one or more of your group are familiar. In the case where you choose an organization that not all of the group members are familiar with, you should clearly define the roles that each member of the group will take in the assignment work, bearing in mind the prior knowledge that each member has.

Reference no: EM13936431

Questions Cloud

Service (iaas) from a cloud service provider : An organization is planning to use Infrastructure as a Service (IaaS) from a cloud service provider to host their web site and e-commerce applications. This will consist of an appropriate number of suitably sized Linux Virtual Servers and Virtual ..
Advice on strategies for your project execution : You have been told during this process to reach out to other CA City Retail Group Cafés to obtain appropriate advice on strategies for your project execution. What are three questions you could ask to guarantee success - Explain the process for ide..
Show how this priority queue is affected by adding string : To tell if one element in ZooGraph has relation X to another element, you look for a path between them. Show whether the following statements are true, using the picture or adjacency matrix.
Evaluation and interpretation of criminal justice data : Discuss why these aspects were selected. Describe how the selected aspects relate to the evaluation and interpretation of criminal justice data and research findings. Explain why researchers would consider qualitative methods an artistic expression o..
Organization and develop an information security strategy : The task is to carry out an information security risk assessment for an organization and develop an Information Security Strategy for that organization. This should include, at least:
Value and exchange for developing a marketing strategy : Marketing Reflection - Explaining the concepts of Value and Exchange for developing a marketing strategy.
Internal it services hosted on premise : Many organizations are using cloud services in place of internal IT services hosted on premise. Cloud services reduce the need for capital expenditure and can be set up in minutes without the need for long hardware procurement cycles. However usin..
What do you estimate the dollar amount of rollover balances : Also the value of a(s - q)/t = 1. If current CD balances are $100 million, what do you estimate the dollar amount of rollover balances to be?
Explain the super predator myth : During the 1990s and into the 2000s a juvenile super predator myth drove statutory and policy development throughout the nation. Using federal or state government publications and/or peer reviewed journal articles: Explain the super predator myth

Reviews

Write a Review

Basic Computer Science Questions & Answers

  Identifies the cost of computer

identifies the cost of computer components to configure a computer system (including all peripheral devices where needed) for use in one of the following four situations:

  Input devices

Compare how the gestures data is generated and represented for interpretation in each of the following input devices. In your comparison, consider the data formats (radio waves, electrical signal, sound, etc.), device drivers, operating systems suppo..

  Cores on computer systems

Assignment : Cores on Computer Systems:  Differentiate between multiprocessor systems and many-core systems in terms of power efficiency, cost benefit analysis, instructions processing efficiency, and packaging form factors.

  Prepare an annual budget in an excel spreadsheet

Prepare working solutions in Excel that will manage the annual budget

  Write a research paper in relation to a software design

Research paper in relation to a Software Design related topic

  Describe the forest, domain, ou, and trust configuration

Describe the forest, domain, OU, and trust configuration for Bluesky. Include a chart or diagram of the current configuration. Currently Bluesky has a single domain and default OU structure.

  Construct a truth table for the boolean expression

Construct a truth table for the Boolean expressions ABC + A'B'C' ABC + AB'C' + A'B'C' A(BC' + B'C)

  Evaluate the cost of materials

Evaluate the cost of materials

  The marie simulator

Depending on how comfortable you are with using the MARIE simulator after reading

  What is the main advantage of using master pages

What is the main advantage of using master pages. Explain the purpose and advantage of using styles.

  Describe the three fundamental models of distributed systems

Explain the two approaches to packet delivery by the network layer in Distributed Systems. Describe the three fundamental models of Distributed Systems

  Distinguish between caching and buffering

Distinguish between caching and buffering The failure model defines the ways in which failure may occur in order to provide an understanding of the effects of failure. Give one type of failure with a brief description of the failure

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd