School: Collin County Community College District
Course: 2341
Subject: Information Systems
Date: Apr 3, 2024
Type: docx
Pages: 2
Uploaded by: DeaconTurkey1941
Module 4 – Governance and Organization
Enterprise Information Security Program - Roles and Responsibilities
1. Define the following terms:
   a. Availability - Slide 59
   b. Confidentiality - Slide 59
   c. Integrity - Slide 60
   d. Authenticity - Slide 59
   e. Accountability - Slide 59
   f. Non-repudiation - Slide 60
   g. Reliability - Slide 60
2. List the five core components of an effective information system security program. Slide 5
3. What are the Board of Directors' responsibilities with regard to information security governance? Slide 14
4. What are the five National Association of Corporate Directors (NACD) Cyber Risk Oversight Principles? Slide 15
5. What five principles are identified in the “Guiding Principles for Cyber Risk Governance: Principles for Directors in Overseeing Cybersecurity” document? Slides 17-21
6. What are Executive Management's responsibilities with regard to information security governance? Slide 23
7. What is a charter outline according to the text? Slide 26
8. What are the benefits of having a Security Steering Committee? Slide 26
9. What are the responsibilities of a CISO? Slide 32
10. List the different organizational structures in which a CISO may be placed and describe the pros and cons of each. Slides 38-41
11. What are some of the steps one can take to align the Information Security organization with the company's overall structure? Slides 50-55
12. What does RACI stand for, and what does each element mean? Slide 46
13. What is the purpose of a RACI? Slide 43
14. How many A's can any RACI task have? Only 1. Slides 44-45
15. What is Security Configuration Management? SCM Slide 3
16. Why is Security Configuration Management important? SCM Slides 11-12
17. What are Center for Internet Security Benchmarks and why are they important? Slides 15 and 17
18. What are Security Technical Implementation Guides and why are they important? Slides 16 and 17
19. What two things occur if one does not have sound Configuration Management processes and procedures in place and consistently acted upon? SCM Slide 19
20. What is (define) Information Technology Asset Management (ITAM)? Asset Management Slide 4
21. Which two CIS Top 20 controls deal with Asset Management, and what is their order of importance in the CIS Top 20? Asset Management Slide 9
22. What seven items are addressed in the Cyber Resilience Review, Asset Management domain? Asset Management Slide 10