User Account

All Pages

Define a risk management framework that will be used

Assignment Help Computer Engineering
Reference no: EM133693215

Homework: Develop an IT governance strategy for an organization.

Purpose

Organizations that you work for will often apply an IT governance framework such as COBIT or ISO 27001, or one of the others that are available. These frameworks provide guidelines for IT governance in the organization and offer guidelines for building a governance system. In this unit, you will apply the ISO 27001 Information Security Management System (ISMS) framework to begin outlining a governance strategy for an organization.

Instructions

Select an organization that you would like to develop an IT governance strategy for, using ISO 27001, Information Security Management System (ISMS). You can find ISMS on the Internet or in this unit's reading. The organization should be one you are familiar with from having worked there.

In your paper, include the following:

I. Define and discuss the ISO 27001 Information Security Management System in terms of the Deming Cycle of continuous improvement of Plan-Do-Check-Act (PDCA)

II. Brief description of the organization and type of business engaged in.

III. High-level information security policy that defines management's overall objective for information security as it relates to business requirements and relevant laws and regulations.

A. Information security direction for the organization
B. Information security objectives for the organization
C. Information on how the organization will meet contractual, legal, and regulatory requirements
D. A statement of commitment to continuous improvement of the ISMS.

IV. High-level risk assessment (for purposes of this paper, discuss the top 3-4 risks only)

A. Define a risk management framework that will be used
B. Identify risks and describe the risk
C. Analyze and evaluate the risks in terms of severity and impact

V. Statement of Applicability

A. Identify selected controls to address identified risks (again only the top 3-4 risks)
B. Explanation of why these controls were selected

VI. Conclusion paragraph

This is a short version of an IT governance strategy but will provide a good understanding of the elements that must be included for this ISO 27001 ISMS.

Reference no: EM133693215

Questions Cloud

Describe how practical implications resulting from research : Describe how the practical implications resulting from the research could be used by stakeholders of the research (1-2 paragraphs).
How tam is impacting educational settings : Define TAM and the components. Note how TAM is impacting educational settings. Give an overview of the case study presented and the findings.
What existing laws do you feel would need to be considered : What existing laws do you feel would need to be considered and why? Are there any cases related to AI and predictive assessment that have been ruled on?
Dissertation on energy transition strategies for oil and gas : Dissertation on Energy Transition Strategies for Oil and Gas Companies in Nigeria - Analysis of the Energy Transition Competencies of Oil and Gas Companies
Define a risk management framework that will be used : Define a risk management framework that will be used. Identify risks and describe the risk. Analyze and evaluate the risks in terms of severity and impact.
Explain why you think one will work better : Explain why you think one will work better, and why you think the other will not work as well...be VERY SPECIFIC regarding class project tasks that have.
Discuss key decisions necessary for making strategy choices : Discuss the key decisions necessary for making strategy choices. Develop an Annotated Bibliography for the additional references used in your discussion.
What kind of independent variable necessary to infer cause : BUSI 820- What kind of independent variable (active or attribute) is necessary to infer cause? Can one always infer cause from the type of independent variable?
What is their design language : What is their design language? Can your object actually develop formally in response to your precedent and Do they react in respect? In challenge or retaliation

Reviews

Write a Review

Computer Engineering Questions & Answers

  Share an example of how the five player-experience layers

share an example of how the five player-experience layers (sensory, information, interaction, frame, and purpose) relate to your envisioned final project

  Make a function definition called reverse

Write down a function definition called reverse, with two parameters, the first is an array of integer and the second is the number of elements in the array. The function reverses the elements of the array and does not return a value.

  Provide a researched example of technology gone wrong

Explain your experience with ethics- What is your current knowledge of computer/technology laws?

  Online nursing documentation system

online nursing documentation system that captures all assessments, interventions, and outcomes for the nurses in the inpatient units. The data will be entered

  Find the names of all employees working in a department

Find the names of all employees working in a department managed by 'Smith'. Find the names of employees who have worked in every department.

  How film represents a contribution to the field of cyberlaw

Using a Microsoft Word document, please review ONE of the following films and tell how that film represents a contribution to the field of CyberLaw.

  Discussion about tacit knowledge and explicit knowledge

How would one distinguish between an organizational weakness and a threat to the organization? Provide an example of tacit knowledge and an example of explicit.

  Create a query that includes instructors first names last

perform the following steps in mysqlcreate the tables and relationships from the database design discussed in lab

  Which answer below best reflects the users issue

The user is now trying to install Spotify but receives an error stating he does not have permission. Which answer below best reflects the user's issue?

  What is the size of the permutation key

Eve secretly gets access to Alice's computer and using cipher types abcdefghij. What type of attack is Eve launching? What is the size of the permutation key?

  How do cyber-security threats and vulnerabilities affect

How do cyber-security threats and vulnerabilities affect information security risk assessment? When answering the above question, you may choose to draw on

  Discuss the difference and complexities involved

Discuss the systems/methods/software/services required to detect a breach or an intrusion. Discuss elements necessary within the security architecture

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd