User Account

All Pages

The information assurance

Assignment Help Management Information Sys
Reference no: EM13997269

Story

I have worked in the information assurance (IA) arena for well over a decade. But as happens to many professionals, I worked in one sector only. I became used to the specialized controls that only affected a small segment of the IA population in terms of information technology (IT) and IA processes.

Sure, I was offered the chance to study Information Technology Infrastructure Library (ITIL), but I did not understand the value of a standardized approach to IT management at that stage in my career.

Moral of the Story

Today, I am learning about NIST SP 800-53 controls, but the organization I am working for does not have a standardized approach. That is a long-term goal. In many ways, I wish I had looked at the IA and IT world from a higher vantage point earlier on so that I would understand how a framework could be used to map multiple types of controls. Instead, I am behind the times in catching up on this important work.

Note: The example companies, organizations, products, people, and events depicted herein are fictitious. No association with any real company, organization, product, person, or event is intended or should be inferred.

Assignment

The story you just read shows how difficult it can be to get started with a standardized approach to IT management and to ensure that controls and risk management are understood. For this discussion, research the library and Internet for information about Control Objectives for Information and related Technology (COBIT) and ISO 27002, and then respond to the questions. Consider the difficulties faced in the story and how some of these difficulties were overcome when responding to the assignment questions.

Primary Task Response: Within the Discussion Board area, write 400-600 words that respond to the following questions with your thoughts, ideas, and comments. This will be the foundation for future discussions by your classmates. Be substantive and clear, and use examples to reinforce your ideas.

Today, organizations require significant management oversight and IT governance to ensure that controls and risk management are enforced and understood. One of the IT frameworks for ensuring that there is a common language for both management and IT personnel to manage risks, IT services, and the delivery of value is COBIT. In your main post this week, describe the following:

  • How does COBIT provide IT processes, goals, and metrics to mitigate security risks and develop a security policy?
  • What is the purpose of the Responsible, Accountable, Consulted, and Informed (RACI) chart?
  • How does COBIT integrate standards such as NIST SP 800-53, ITIL, ISO 27001, and ISO 27002?

Reference no: EM13997269

Questions Cloud

Identify organizations involved in global security : 1. ) Identify Organizations involved in Global Security describe how they are involved. 2.) Identify/debate controversial methods, tactics, and techniques used in global security enforcement.
Supply the correct amount for each numbered item : On October 1, 2010, Machine B was acquired with a down payment of $4,000 and the remaining payments to be made in 10 annual installments of $4,000 each beginning October 1, 2011. The prevailing interest rate was 8%.
Malware must first be detected : Malware must first be detected before it can be removed.  How can malware detection best be handled in a large corporate setting?
A computer network : Least three methods by which you can monitor threats to a computer network. Describe and provide background information each method. Your paper should be between 800 and 1,000 words and should include citations.
The information assurance : I have worked in the information assurance (IA) arena for well over a decade. But as happens to many professionals, I worked in one sector only. I became used to the specialized controls that only affected a small segment of the IA population in term..
Compute depreciation expense on the building : Compute depreciation expense on the building, remaining machinery, and equipment for 2012.
Different sources can be usefully aggregated : What are the different ways in which data from different sources can be usefully aggregated?
Conduct a vulnerability : You are hired to conduct a vulnerability, threat, and security assessment on a web application and submit your clear recommendation for corrective actions based on your assessment.
The information technology senior analyst : You are the information technology senior analyst at your company. Your company can be a real business where you work or a virtual business that you would like to start. In either case, you should be familiar with the business environment and the nat..

Reviews

Write a Review

Management Information Sys Questions & Answers

  Trends of technology for dect cordless phones

Analysis of the trends of technology for DECT Cordless phones - An analysis of the trends of technology that could be used to communicate value

  System proposal for autos r us

System Proposal for Autos R Us-Autos R us was founded in 1985 in Orange County, California. They are a small business that sells automotive interior accessories such as seat covers and dash covers

  Differences of information systems

Information systems for pharmacies - compare and contrast the differences of information systems then and now. Please include any reference you use for information obtained.

  Explain an it project at rusty rims distribution company

This assignment gives you the opportunity to apply the course concepts to develop an IT Decision Paper to explain and defend an IT project at Rusty Rims Distribution Company (RR). This assignment specifically addresses the following course outcom..

  Building a relational database for inventory management

Building a Relational Database for Inventory Management

  Show what problems can mrp create for suppliers

Show What problems can MRP create for suppliers as you go upstream in the supply chain?

  Compare and contrast pop e-mail to web-based e-mail systems

Compare and contrast POP e-mail to Web-based e-mail systems in terms of control, security, and accessibility

  Phases of system designwhat is the primary target of

phases of system designwhat is the primary target of systems design and what phases are included in the systems

  Discussion of the information used in the system

A discussion of the information used in the system, A discussion of any information security and ethical concerns with the system, A diagram of the information flow and any elements controlling proper access to the information it uses

  Show the accounting information systems

Accounting information systems : Solution set - The kind of risk that involves wheter sup-pliers will be paid or will be paid only after long delays is best described

  Increased connectivitythe advantages of increased

increased connectivitythe advantages of increased connectivity i.e. improve linage and interoperability are readily

  Write an application that prompts for person information

Write an application that prompts for the person's information, instantiates an object of class HealthProfile for that person

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd