Module 1 Case: Information Security System Risk Ma

Module 1 Case: Information Security System Risk Management

The primary theme of the paper is Module 1 Case: Information Security System Risk Management in which you are required to emphasize its aspects in detail. The cost of the paper starts from $99 and it has been purchased and rated 4.9 points on the scale of 5 points by the students. To gain deeper insights into the paper and achieve fresh information, kindly contact our support.

Module 1 Case: Information Security System Risk Management

INSTRUCTIONS:

Module 1 - Case
INFORMATION SECURITY SYSTEM RISK MANAGEMENT
Based on the reading materials at background section and your own research, prepare a 4-7 page paper to describe the process of creating an information security risk management procedure. Your paper should be organized in the following way:
Identification, classification, and prioritization of information security risk
control mechanism that could be taken and the strategic options to mitigate and control information risk
Assignment Expectations
Your paper should provide a summary of your findings from the assigned materials and any good quality resources you can find. Please cite all sources and provide a reference list at the end of your paper. The following items will be assessed in particular:
Ability to consolidate ideas from reading materials.
Demonstration of your understanding of how to create an information security management process.
The ability to express your ideas clearly.
Module 1
Required Reading
Information security risk management process - (Please make sure all 211 slides appear when you open this file.)
Technology risk assessments key to protecting companies from information security threats (November 15, 2006), Business wire.
Mann, L. (2010). Information Security & Risk Management. Retrieved on March 6, 2013, from http://www.youtube.com/watch?v=BHh3z7B_wvI
Krause, M. et. al. (July 1, 2008). Information security management basics. Retrieved from http://www.csoonline.com/article/413965/information-security-management-the-basics?page=1
Information security handbook. Retrieved fon March 3, 2013, from http://ithandbook.ffiec.gov/it-booklets/information-security.aspx
Amancei, C. (2011). Practical Methods for Information Security Risk Management. Informatica Economic?, 15(1), 151-159.
Spears, J. & Barki, H. (2010). User participation in information systems security risk management. MIS Quarterly, 34(3), 503-522.



Jones, A. (2007). A framework for the management of information security risks. BT technology journal, 25(1), 30-36.



Jourdan, Z., Rainer, R., Marshall, T., & Ford, F. (2010). An investigation of organizational information security risk anaysis. Journal of Service Science, 3(2), 33-42.



Optional materials



All your devices can be hacked, Ted talk by Avi Rubin. Retrieved on March 18, 2013, from http://www.youtube.com/watch?v=metkEeZvHTg.



Security online training - mitigating threats



Krause, M. et al. (2008). Information security management: the basics. Retrieved on March 6, 2013, from http://www.csoonline.com/article/413965/information-security-management-the-basics?page=1



Armerding, T. (February 15, 2012) The 15 worst data security breaches of the 21st century. Retrieved on March 6, 2013, from http://www.csoonline.com/article/700263/the-15-worst-data-security-breaches-of-the-21st-century

CONTENT:



Information Security System Risk Management

Name:

Instructor:

Institution:

Date:

Introduction

Among the most vital components of any organization, information is critical towards the progress and performance of them. The nature, confidentiality, and validity of data and information are what will give one organization an upper hand against another. Organizations often face some threats to their information from any direction. These can be in the form of hackers, viruses, or denial of service (DoS) issues. It is, therefore, imperative that information is protected, so as to safeguard its integrity. However, the security of information only through the technical measures is not foolproof enough, since it leaves numerous vulnerabilities for the same said information. Towards this end, there is a host of things that can be done so as to come up with the most relevant strategies or measures. The most evident and inevitable first step is to come up with procedures as well as policies that would adequately safeguard information. This paper provides a systematic breakdown of the steps involved in coming up with information security and processes.

Policies

Policies hinging on security constitute the most fundamental aspect of organizational cybersecurity. For a given policy to be considered

...
100% Plagiarism Free & Custom Written, Tailored to your instructions