User Account

All Pages

The information assurance

Assignment Help Management Information Sys
Reference no: EM13997269

Story

I have worked in the information assurance (IA) arena for well over a decade. But as happens to many professionals, I worked in one sector only. I became used to the specialized controls that only affected a small segment of the IA population in terms of information technology (IT) and IA processes.

Sure, I was offered the chance to study Information Technology Infrastructure Library (ITIL), but I did not understand the value of a standardized approach to IT management at that stage in my career.

Moral of the Story

Today, I am learning about NIST SP 800-53 controls, but the organization I am working for does not have a standardized approach. That is a long-term goal. In many ways, I wish I had looked at the IA and IT world from a higher vantage point earlier on so that I would understand how a framework could be used to map multiple types of controls. Instead, I am behind the times in catching up on this important work.

Note: The example companies, organizations, products, people, and events depicted herein are fictitious. No association with any real company, organization, product, person, or event is intended or should be inferred.

Assignment

The story you just read shows how difficult it can be to get started with a standardized approach to IT management and to ensure that controls and risk management are understood. For this discussion, research the library and Internet for information about Control Objectives for Information and related Technology (COBIT) and ISO 27002, and then respond to the questions. Consider the difficulties faced in the story and how some of these difficulties were overcome when responding to the assignment questions.

Primary Task Response: Within the Discussion Board area, write 400-600 words that respond to the following questions with your thoughts, ideas, and comments. This will be the foundation for future discussions by your classmates. Be substantive and clear, and use examples to reinforce your ideas.

Today, organizations require significant management oversight and IT governance to ensure that controls and risk management are enforced and understood. One of the IT frameworks for ensuring that there is a common language for both management and IT personnel to manage risks, IT services, and the delivery of value is COBIT. In your main post this week, describe the following:

  • How does COBIT provide IT processes, goals, and metrics to mitigate security risks and develop a security policy?
  • What is the purpose of the Responsible, Accountable, Consulted, and Informed (RACI) chart?
  • How does COBIT integrate standards such as NIST SP 800-53, ITIL, ISO 27001, and ISO 27002?

Reference no: EM13997269

Questions Cloud

Identify organizations involved in global security : 1. ) Identify Organizations involved in Global Security describe how they are involved. 2.) Identify/debate controversial methods, tactics, and techniques used in global security enforcement.
Supply the correct amount for each numbered item : On October 1, 2010, Machine B was acquired with a down payment of $4,000 and the remaining payments to be made in 10 annual installments of $4,000 each beginning October 1, 2011. The prevailing interest rate was 8%.
Malware must first be detected : Malware must first be detected before it can be removed.  How can malware detection best be handled in a large corporate setting?
A computer network : Least three methods by which you can monitor threats to a computer network. Describe and provide background information each method. Your paper should be between 800 and 1,000 words and should include citations.
The information assurance : I have worked in the information assurance (IA) arena for well over a decade. But as happens to many professionals, I worked in one sector only. I became used to the specialized controls that only affected a small segment of the IA population in term..
Compute depreciation expense on the building : Compute depreciation expense on the building, remaining machinery, and equipment for 2012.
Different sources can be usefully aggregated : What are the different ways in which data from different sources can be usefully aggregated?
Conduct a vulnerability : You are hired to conduct a vulnerability, threat, and security assessment on a web application and submit your clear recommendation for corrective actions based on your assessment.
The information technology senior analyst : You are the information technology senior analyst at your company. Your company can be a real business where you work or a virtual business that you would like to start. In either case, you should be familiar with the business environment and the nat..

Reviews

Write a Review

Management Information Sys Questions & Answers

  Different components of an information system

You will discuss each of the different components of an information system, and then explain how you can use the five-component model to guide your learning and thinking about information systems

  Major enterprise resource planning

Visit the Web site for one of the major enterprise resource planning (ERP) software vendors. Explain its main advantage?

  Case outlineas the newly appointed manager of global

case outlineas the newly appointed manager of global insurance company eva khan was trying to learn as much as possible

  Describe a research on distributed systems

Research on distributed systems - Distributed systems are or are not dominating the computing landscape

  Skills for an information technology project managerwhich

skills for an information technology project managerwhich skills do you think are most important for an information

  Types of security threats to it

Information Security : explained - Access controls are good things and should be secure, but programmers continually add "backdoor access" to their programs. Is a good or a bad practice?

  Gap analysys - system development life cycle

Gap analysys - How might gap analysis be applied to the system development life cycle?

  Step-wise answer to business analysis

Step-wise answer to Business Analysis - Who is responsible--you, your manager, or your employee? What action are you going to take?

  Explain factors necessary to ensure referential integrity

Determine and explain the factors necessary to ensure referential integrity. Create an object-oriented model to show how the tables are interrelated through the use of graphical tools such as Microsoft Visio, or an open source alternative such as D..

  Discuss the applicable ethical theory

Define a concise problem statement extracted from the above description. It is best if you define a specific problem caused by the dilemma, that needs a specific ethical decision to be made, that will solve the dilemma. Be aware that if it is a ma..

  Information technology and payroll and order entry

Information Technology - Payroll and Order Entry - It explains if payroll and order entry are types of transaction processing systems. Batch, online, and hybrid systems are also discussed.

  Integrate the functional systems

Enterprise systems integrate the functional systems such as accounting, finance, marketing, and operations. Another advantage of enterprise systems is that processes become more automated or totally automated, which increases efficiency.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd