Mitigate security risks and develop a security policy

Reference no: EM131724349

Story

I have worked in the information assurance (IA) arena for well over a decade. But as happens to many professionals, I worked in one sector only. I became used to the specialized controls that only affected a small segment of the IA population in terms of information technology (IT) and IA processes.

Sure, I was offered the chance to study Information Technology Infrastructure Library (ITIL), but I did not understand the value of a standardized approach to IT management at that stage in my career.

Moral of the Story

Today, I am learning about NIST SP 800-53 controls, but the organization I am working for does not have a standardized approach. That is a long-term goal. In many ways, I wish I had looked at the IA and IT world from a higher vantage point earlier on so that I would understand how a framework could be used to map multiple types of controls. Instead, I am behind the times in catching up on this important work.

Note: The example companies, organizations, products, people, and events depicted herein are fictitious. No association with any real company, organization, product, person, or event is intended or should be inferred.

Assignment

The story you just read shows how difficult it can be to get started with a standardized approach to IT management and to ensure that controls and risk management are understood. For this discussion, research the library and Internet for information about Control Objectives for Information and related Technology (COBIT) and ISO 27002, and then respond to the questions. Consider the difficulties faced in the story and how some of these difficulties were overcome when responding to the assignment questions.

Primary Task Response: Within the Discussion Board area, write 400-600 words that respond to the following questions with your thoughts, ideas, and comments. This will be the foundation for future discussions by your classmates. Be substantive and clear, and use examples to reinforce your ideas.

Today, organizations require significant management oversight and IT governance to ensure that controls and risk management are enforced and understood. One of the IT frameworks for ensuring that there is a common language for both management and IT personnel to manage risks, IT services, and the delivery of value is COBIT. In your main post this week, describe the following:

How does COBIT provide IT processes, goals, and metrics to mitigate security risks and develop a security policy?

What is the purpose of the Responsible, Accountable, Consulted, and Informed (RACI) chart?

How does COBIT integrate standards such as NIST SP 800-53, ITIL, ISO 27001, and ISO 27002?


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd