What are the frameworks of information security management

Reference no: EM131353985

Module- Case

INFORMATION SECURITY MANAGEMENT FRAMEWORKS

Case Assignment

In the world of information security management, it is important to have a proper mindset and a handy roadmap that help you cruise through the maze of the ever-changing technology and its security issues. The following presentation suggests a simple framework for information security management.

Wang, W. PowerPoint Presentation. Information Security Management Framework.

Some of you may have been exposed to the OSI (Open System Interconnection) reference model and the TCP/IP stack for Internet communications. Please see Fig. 3 in the OSI Reference Model for Network Protocol. Dissecting a big, complicated problem into smaller components helps solve the problem systematically. IS security is complicated. The framework suggested above follows a similar line of reasoning and provides a way of thinking about the problem.

Engineering, such as the design of a communication protocol, requires clarifying a specific layer's boundaries so that the design is precise. In management or relevant behavioral studies, the context is more fluid than in an engineering task, and all of the perspectives have to work hand in hand. The layered approach provides only one way of thinking; there are many alternative ways to bring the pieces together. Now let us look briefly at some alternative frameworks. You only need to scan through them, become familiar with some key figures and tables, and get some understanding. You will revisit these articles in much more detail in later module(s) (e.g., mod 3) or course(s) (e.g., ITM527).

For instance, the following NIST publication introduces a tiered/layered approach for risk management. Please mainly focus on Figures 2 and 3.
NIST. (2011). Managing Information Security Risk: Organization, Mission, and Information System View. National Institute of Standards and Technology Special Publication 800-39.

The framework for organization-wide Information Security Continuous Monitoring in Figure 2-1 of the following article echoes the benefit of looking at the issue in tiers/layers. Its Risk Management Framework in Figure 2-2 proposes a process overview that emphasizes a dynamic process flow and values both organizational inputs (e.g., laws, policy, objectives, etc.) and the architecture of business processes and information systems. Please mainly focus on these two main figures.

NIST. (2011). Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations. National Institute of Standards and Technology Special Publication 800-137.

However, the Business Software Alliance introduces a framework for action on Information Security Governance that asks who, what, and how with regard to governance. You only need to focus on Table 4 to get an overview of it. It also emphasizes that "Information security is often treated solely as a technology issue, when it should also be treated as a governance issue," which is in sync with the other framework, where the technology issue is only one of several perspectives that need to be considered.

Business Software Alliance. (2016). Seizing opportunity through license compliance. Retrieved from https://globalstudy.bsa.org/2016/downloads/studies/BSA_GSS_US.pdf

The following article also covers the perspectives mentioned in the presented framework, although it doesn't use a layered approach. Please scan through it to get the main points. You should come back to this article throughout the course for the perspective in focus in the respective module. For this module, you only need to know what perspectives are considered.

Johnson, E., & Goetz, E. (2007). Embedding Information Security into the Organization. IEEE Security & Privacy, May/June 2007.

After you have "strategically" read the above materials, and, more importantly, thought about them critically and interconnectively, compose a 4- to 6-page paper on the topic:

Comparisons of Information Security Management Frameworks

In preparing your paper, you need to discuss the following issues, and support with arguments and examples:

• What are the benefits of having frameworks for information security management?
• What are the frameworks of information security management? Their pros and cons?
• What are the major perspectives to consider in information security management and framework choice?
• What organizational factors should be considered in the framework choice?
• You may even expand what you learned here and come up with a better framework. Give it a try, although it is not required.

Assignment Expectations

Length: Minimum 4-6 pages excluding cover page and references (since a page is about 300 words, this is approximately 1,200-1,800 words).

