School

Collin County Community College District

Course

2341

Subject

Information Systems

Date

Apr 3, 2024

Uploaded by DeaconTurkey1941

Module 4 – Governance and Organization Enterprise Information Security Program - Roles and Responsibilities

1. Define the following terms:
   a. Availability-
   b. Confidentiality-
   c. Integrity-
   d. Authenticity-
   e. Accountability-
   f. Non-repudiation-
   g. Reliability-
2. List the five core components of an effective information system security program.
3. What are the Board of Directors' responsibilities with regard to information security governance?
4. What are the five identified National Association of Corporate Directors (NACD) Cyber Risk Oversight Principles?
5. What five principles are identified in the “Guiding Principles for Cyber Risk Governance: Principles for Directors in Overseeing Cybersecurity” document?
6. What are Executive Management's responsibilities with regard to information security governance?
7. What is a charter outline according to the text?
8. What are the benefits of having a Security Steering Committee?
9. What are the responsibilities of a CISO?
10. List the different Organizational Structures where a CISO may be placed and describe the pros and cons of each.
11. What are some of the steps one can take to align the Information Security organization within the company’s overall structure?
12. What does RACI stand for? Define each element.
13. What is the purpose of a RACI?
14. How many A’s can any RACI task have?
15. What is Security Configuration Management?
16. Why is Security Configuration Management important?
17. What are Center for Internet Security Benchmarks and why are they important?
18. What are Security Technical Implementation Guides and why are they important?
19. What two things occur if one does not have a sound Configuration Management process and procedures in place and positively acted upon?
20. What is (define) Information Technology Asset Management (ITAM)?
21. What two CIS Top 20 controls deal with Asset Management, and what is the order of importance in the CIS Top 20?
22. What seven items are addressed in the Cyber Resilience Review, Asset Management domain?