UP Role of Governance in Information Security Discussion Responses

Description

Please reply to the two posts below

1. As the prompt suggests, information security went from being a technical add-on to full fledge attribute that co-exists with any system that is being built. From meeting certain standards to auditors or other organizations, there are many drivers in the space that push for more effective governance of security. The governance in itself is different from security management, which tackles mitigation risks. Governance in this case refers to authorization of decision making regarding the mitigation. From accountability to security management taking proper order, governance makes sure the polices are valid and complaint with the organization and standards. Financial reasons, accountability, structure, and assurance are some factors for information security governance. Being able to make sure an organization and its employees from top to bottom are dealing business within legal limits helps it from getting into trouble, while at the same time seeing processes taking shape and connected can prevent further harm to the organization via cyberattacks from in or out the company.

2. The primary drivers of effective information security governance in my experience have been requirements from auditors. In the financial services sector, FCUA and FDIC have strict guidelines on the maintenance, safeguarding and access of PII or NPI. As an example in order to have more secure Windows servers one could use CIS standards or STIGs (DoD). CIS Benchmarks or STIG configurations are meant to be a “gold standard” in order to secure or “harden” specific operating systems. Risk management would have to work in conjunction with Information Security (IT) in order to establish baselines and where there could be improvement. Identifying the highest values assets (or targets) with more vulnerabilities prior to auditing not only improves your overall security posture, but decreases risk. Executive decision making would have to be based on extensive research, effort and budgeting in order to meet information security guidelines. If glaring problems or inherent risks are not addressed the company’s reputation and reliability could suffer. Executive decision making also has to include the bottom line, or the customers’ wants and needs at the end of the day.

Explanation & Answer:

50 Words

User generated content is uploaded by users for the purposes of learning and should be used following our honor code & terms of service.



^{Have a similar assignment? "Place an order for your assignment and have exceptional work written by our team of experts, guaranteeing you A results."}

Our Service Charter

1. Professional & Expert Writers: Eminence Papers only hires the best. Our writers are specially selected and recruited, after which they undergo further training to perfect their skills for specialization purposes. Moreover, our writers are holders of masters and Ph.D. degrees. They have impressive academic records, besides being native English speakers.

2. Top Quality Papers: Our customers are always guaranteed of papers that exceed their expectations. All our writers have +5 years of experience. This implies that all papers are written by individuals who are experts in their fields. In addition, the quality team reviews all the papers before sending them to the customers.

3. Plagiarism-Free Papers: All papers provided by Eminence Papers are written from scratch. Appropriate referencing and citation of key information are followed. Plagiarism checkers are used by the Quality assurance team and our editors just to double-check that there are no instances of plagiarism.

4. Timely Delivery: Time wasted is equivalent to a failed dedication and commitment. Eminence Papers are known for the timely delivery of any pending customer orders. Customers are well informed of the progress of their papers to ensure they keep track of what the writer is providing before the final draft is sent for grading.

5. Affordable Prices: Our prices are fairly structured to fit in all groups. Any customer willing to place their assignments with us can do so at very affordable prices. In addition, our customers enjoy regular discounts and bonuses.

6. 24/7 Customer Support: At Eminence Papers, we have put in place a team of experts who answer all customer inquiries promptly. The best part is the ever-availability of the team. Customers can make inquiries anytime.