Information security
governance requires involvement from stakeholders throughout the organization.
Executives, business owners, technical experts, and legal experts assess, plan,
and execute information security governance in the organization. In order to
deal efficiently with information security governance you will have to
understand the fit between it and the entire organizational structure.
To prepare for this
Assignment, assume the role of computer security team leader in an organization
that needs to mitigate a risk. You have been asked to design and test a process
for assessing and mitigating risk in the organization but, before you do, you
need to make sure you have the right people on your team.
Next, describe a particular
type of risk that you think the organization is facing or may face in the near
future. The risk should involve either the use of a new technology or a
new administrative process.
You have complete authority to
form your own team and identify any resources you would need to perform your
job.
For this Assignment, write a
4- to 6-page paper aligning the security team with the overall organizational
structure and outlining the responsibilities of the different stakeholders.
Respond to the following in your paper:
What is the risk that you
identified?
What are the skill sets you
need on the team?
How would you determine
whether a prospective team member possesses the required skill sets?
What critical items would you
need to consider while forming the team, and why?
How does the information
security function of your team fit into the larger organizational structure?
What are the roles and
responsibilities (relevant to the risk management process) of the stakeholders
who need to be involved in the entire process?
Clearly state any other
assumptions you make for this scenario.
Make your work original and
include your references in APA format
