Module 1 Case: Information Security System Risk Ma

Module 1 Case: Information Security System Risk Management

The primary theme of the paper is Module 1 Case: Information Security System Risk Management in which you are required to emphasize its aspects in detail. The cost of the paper starts from $99 and it has been purchased and rated 4.9 points on the scale of 5 points by the students. To gain deeper insights into the paper and achieve fresh information, kindly contact our support.

Module 1 Case: Information Security System Risk Management


Module 1 - Case
Based on the reading materials at background section and your own research, prepare a 4-7 page paper to describe the process of creating an information security risk management procedure. Your paper should be organized in the following way:
Identification, classification, and prioritization of information security risk
control mechanism that could be taken and the strategic options to mitigate and control information risk
Assignment Expectations
Your paper should provide a summary of your findings from the assigned materials and any good quality resources you can find. Please cite all sources and provide a reference list at the end of your paper. The following items will be assessed in particular:
Ability to consolidate ideas from reading materials.
Demonstration of your understanding of how to create an information security management process.
The ability to express your ideas clearly.
Module 1
Required Reading
Information security risk management process - (Please make sure all 211 slides appear when you open this file.)
Technology risk assessments key to protecting companies from information security threats (November 15, 2006), Business wire.
Mann, L. (2010). Information Security & Risk Management. Retrieved on March 6, 2013, from
Krause, M. et. al. (July 1, 2008). Information security management basics. Retrieved from
Information security handbook. Retrieved fon March 3, 2013, from
Amancei, C. (2011). Practical Methods for Information Security Risk Management. Informatica Economic?, 15(1), 151-159.
Spears, J. & Barki, H. (2010). User participation in information systems security risk management. MIS Quarterly, 34(3), 503-522.

Jones, A. (2007). A framework for the management of information security risks. BT technology journal, 25(1), 30-36.

Jourdan, Z., Rainer, R., Marshall, T., & Ford, F. (2010). An investigation of organizational information security risk anaysis. Journal of Service Science, 3(2), 33-42.

Optional materials

All your devices can be hacked, Ted talk by Avi Rubin. Retrieved on March 18, 2013, from

Security online training - mitigating threats

Krause, M. et al. (2008). Information security management: the basics. Retrieved on March 6, 2013, from

Armerding, T. (February 15, 2012) The 15 worst data security breaches of the 21st century. Retrieved on March 6, 2013, from


Information Security System Risk Management






Among the most vital components of any organization, information is critical towards the progress and performance of them. The nature, confidentiality, and validity of data and information are what will give one organization an upper hand against another. Organizations often face some threats to their information from any direction. These can be in the form of hackers, viruses, or denial of service (DoS) issues. It is, therefore, imperative that information is protected, so as to safeguard its integrity. However, the security of information only through the technical measures is not foolproof enough, since it leaves numerous vulnerabilities for the same said information. Towards this end, there is a host of things that can be done so as to come up with the most relevant strategies or measures. The most evident and inevitable first step is to come up with procedures as well as policies that would adequately safeguard information. This paper provides a systematic breakdown of the steps involved in coming up with information security and processes.


Policies hinging on security constitute the most fundamental aspect of organizational cybersecurity. For a given policy to be considered

100% Plagiarism Free & Custom Written
Tailored to your instructions