Ask Question, Ask an Expert

+61-413 786 465

[email protected]

Ask Management Information System Expert

Management Studies


Home >> Management Information System

Module- Case

INFORMATION SECURITY MANAGEMENT FRAMEWORKS

Case Assignment

In the world of information security management, it is important to have a proper mindset and a handy roadmap that help you cruise through the maze of the ever-changing technology and its security issues. The following presentation suggests a simple framework for information security management.

Wang, W. PowerPoint Presentation. Information Security Management Framework.

Some of you may have been exposed to the OSI (Open System Interconnection) reference model and the TCP/IP stack for the Internet communications. Please see Fig. 3 in the OSI Reference Model for Network Protocol. Dissecting a big, complicated problem into smaller components helps solve the problem systematically. IS security is complicated. The suggested framework above follows the similar line of reasoning and provides a way of thinking to approach the problem.

Engineering, such as the design of a communication protocol, requires the clarification of a specific layer's boundaries so that the design is precise. In management or relevant behavioral studies, the context is more fluid than an engineering task. It is required to work hand-in-hand from all of the perspectives. The layered approach provides only one way of thinking, there are many alternatives how to bring pieces together. Now let us look briefly at some alternative frameworks. You only need to scan through and become familiar with some key figures/tables and get some understanding. You will revisit these articles in much details in later module(s) (e.g., mod 3) or course(s) (e.g., ITM527).

For instance, the following NIST publication introduces a tiered/layered approach for risk management. Please mainly focus on Figure 2 and 3.
NIST. (2011). Managing Information Security Risk-Organization, Mission and Information System View. National Institute of Standards and Technology Special Publication 800-39.

The framework for organization-wide Information Security Continuous Monitoring in Figure 2-1 in the following article echoes the benefit of look at the issue in tiers/layers. Its Risk Management Framework in Figure 2-2 proposes a process overview that emphasizes a dynamic process flow and values both organizational inputs (e.g., laws, policy, objectives, etc.) and architecture of business processes and information systems. Please mainly focus on these two main figures.

NIST. (2011). Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations. National Institute of Standards and Technology Special Publication 800-137.

However, Business Software Alliance introduces a framework for action on Information Security Governance that asks for who, what, and how with regards to governance. You only need to focus on Table 4 to get an overview of it. It also emphasizes that "Information security is often treated solely as a technology issue, when it should also be treated as a governance issue," which is in sync with the other framework where technology issue is only one of the several perspectives that need to be considered.

Business Software Alliance. (2016). Seizing opportunity through license compliance. Retrieved from http://globalstudy.bsa.org/2016/downloads/studies/BSA_GSS_US.pdf

The following article also covers the perspectives mentioned in the presented framework, although it doesn't use a layered approach. Please scan it through to get the main points. You should come back to this article throughout the course for the focused perspective in respective module. For this module, you only need to know what perspectives are considered.

Johnson, E., & Goetz, E., (2007). Embedding Information Security into the Organization. IEEE Security & Privacy, May/June 2007.

After you have "strategically" read the above materials, and, more importantly, thought about them critically and interconnectively, compose a 4- to 6-page paper on the topic:

Comparisons of Information Security Management Frameworks

In preparing your paper, you need to discuss the following issues, and support with arguments and examples:

• What are the benefits of having frameworks for information security management?
• What are the frameworks of information security management? Their pros and cons?
• What are the major perspectives to consider in information security management and framework choice?
• What organizational factors should be considered in the framework choice?
• You may even expand what you learned here and come up with a better framework. Give it a try, although it is not required.

Assignment Expectations

Length: Minimum 4-6 pages excluding cover page and references (since a page is about 300 words, this is approximately 1,200-1,800 words).

Attachment:- Module_Information.rar

Management Information System, Management Studies

  • Category:- Management Information System
  • Reference No.:- M92166865
  • Price:- $40

Priced at Now at $40, Verified Solution

Have any Question?


Related Questions in Management Information System

Search the csu library the internet or any specific

Search the CSU library, the Internet, or any specific websites, and scan IT industry magazines to find an example of an IT project that had problems due to organizational issues. Write a paper summarizing the key stakeho ...

Question how can company protect the new emerging

Question : How can company protect the new emerging technology ventures from profit pressures of the parent organization (APA format required, Turntin check required . Minimum 250 words essay) How do companies overcome l ...

Communication and team decision makingpart 1 sharpening the

Communication and Team Decision Making Part 1: Sharpening the Team Mind: Communication and Collective Intelligence A. What are some of the possible biases and points of error that may arise in team communication systems? ...

Question provide an explanation of ifwherehow does active

Question : Provide an explanation of if/where/how does Active Directory support network security,14 pages (2,000-2,500) in APA format. Include abstract and conclusion. Do not include wikis, message boards, support forums ...

Question how companies could effectively use emerging

Question : How companies could effectively use emerging technology to win over its competitors. APA format required. 250 words essay required. The response must be typed, single spaced, must be in times new roman font (s ...

Question how customers could effectively use emerging

Question : How customers could effectively use emerging technology to win over its customers. APA format required. 250 words essay required. turntin check require. The response must be typed, single spaced, must be in ti ...

Part 1 - create an 8 slide powerpoint presentation on

Part 1 - Create an 8 slide PowerPoint presentation on foundational concepts specific to physical security. Part 2 - Write 4 pages detailing the framework for the design of an integrated data center. Assessment Instructio ...

In chapter 2 of the text - managing amp using information

In Chapter 2 of the text - Managing & Using Information Systems: A Strategic Approach, the chapter discusses why information systems experience failure often because of organizational strategy. A classic example of this ...

Review at least 4 articles on balanced scorecard and

Review at least 4 articles on Balanced Scorecard and complete the following activities: 1. Write annotated summary of each article. Use APA throughout. 2. As an IT professional, discuss how you will use Balanced Scorecar ...

Data resources management questionsq1 the dama dmbok

Data Resources Management QUESTIONS Q1. The DAMA DMBOK textbook describes the following two core activities as part of the Data Architecture management exercise: "Understanding enterprise information needs" and "Develop ...

  • 4,153,160 Questions Asked
  • 13,132 Experts
  • 2,558,936 Questions Answered

Ask Experts for help!!

Looking for Assignment Help?

Start excelling in your Courses, Get help with Assignment

Write us your full requirement for evaluation and you will receive response within 20 minutes turnaround time.

Ask Now Help with Problems, Get a Best Answer

Why might a bank avoid the use of interest rate swaps even

Why might a bank avoid the use of interest rate swaps, even when the institution is exposed to significant interest rate

Describe the difference between zero coupon bonds and

Describe the difference between zero coupon bonds and coupon bonds. Under what conditions will a coupon bond sell at a p

Compute the present value of an annuity of 880 per year

Compute the present value of an annuity of $ 880 per year for 16 years, given a discount rate of 6 percent per annum. As

Compute the present value of an 1150 payment made in ten

Compute the present value of an $1,150 payment made in ten years when the discount rate is 12 percent. (Do not round int

Compute the present value of an annuity of 699 per year

Compute the present value of an annuity of $ 699 per year for 19 years, given a discount rate of 6 percent per annum. As

Follow Us

© Copyright 2013-14 mywordsolution.com All rights reserved