logo

Governance for Information Security

   

Added on  2022-09-09

10 Pages643 Words19 Views
Click to edit Master title style
1
IT Governance
for Information
Security
Managers
N a m e : C L E M E N T O A K I N T A D E
C o u r s e C o d e : I T A S 4 6 9
I n s t r u c t o r N a m e : J o s e p h D . G r a d e c k i
U n i t N u m b e r : U n i t 1
D a t e : 0 4 - 0 2 - 2 0 2 0

Click to edit Master title style
2
The business case for implementing a formal IT
governance program
2
Problem: The organization has been receiving several scrutiny from the external moderators as a
result of the Sarbanes-Oxley Act (SOX) and other federal regulations that apply to the business.
Solution: The organization is in the need of developing the IT Governance program for the
Information Security Managers within the organization, which would be established with the
analysis of the current organizational scenario.
Approach: The CIO would assess the scenario and then discuss the trade off for the business
operation to implement stronger it control system. The business operations would be established
with improved measurement followed by the listing of steps to follow design and implementation of
the IT governance program analyzing the risk and value of the implementation plan.
Risk Assessment: Risk assessment would be followed by the analysis of the steps to be taken
and what issues can it create along with its positive and negative impact. This would help in
developing a mitigation strategy for the negative risks.
Value Analysis: The benefits added to the business as well as the involvement of value added to
the customer services would contribute to the business forming the value off the implementation.

Click to edit Master title style
3
The outcomes of effective security governance
3
Strategic alignment
Delivery of good business value
Proper management of risk analysis and implementation of
mitigation strategies
Proper and appropriate measurement of performances
Resource Management
Business integration

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Security ensures protection of data
|13
|1016
|18

Cyber-security Program
|5
|914
|463

Security Operation Centre
|8
|1638
|146

Organizational Readiness and Risk Assessment for ISO 27001:2013 Certification
|9
|1054
|440

IT Security Risks and Risk Mitigation Approaches : Report
|7
|2906
|188

Computer Security Plan for BarnUrban Renewal Projects Organization
|9
|1935
|87