Information Systems homework help
Discussion 1
“Principles for Policy and Standards Development” Please respond to the following:
Select two principles for policy and standards development (accountability, awareness, ethics, multidisciplinary, proportionality, integration, defense-in-depth, timeliness, reassessment, democracy, internal control, adversary, least privilege, continuity, simplicity, and policy-centered security). Examine how these principles would be the same and different for a health care organization and a financial organization.
Determine which type of organization would have the most difficulty implementing the principles you selected. Support your answer.
Discussion 2
“OCTAVE” Please respond to the following:
From the e-Activity, provide a brief explanation of the Operationally, Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) methods. Explain how they are beneficial for organizations developing their IT risk management approaches.
From the e-Activity, explain how the size of the organization impacts the OCTAVE method utilized. Determine the factors that large organizations, as opposed to small organizations, are most concerned with.
Discussion 3
“Acceptable Use Policy” Please respond to the following:
Describe the main elements of an acceptable use policy. Determine the factors that organizations need to consider when developing their acceptable use policy.
Determine the special considerations that need to be taken into account when developing the acceptable use policy for different types of users (i.e., employees, system administrators, security personnel, contractors, guests, and auditors).
Discussion 4
Best Practices for User Domain Policies” Please respond to the following:
Imagine that your supervisor has asked you to draft a brief statement about best practices for user domain policies that will be presented to the executive board. Create five best practices for user domain policies.
Select the best practice that you would emphasize the most during this presentation to the executive board and explain why.
Discussion 5
Policy for Portable and Mobile Devices” Please respond to the following:
Determine the primary considerations that an organization would need to take into account when developing the security policies involving bring your own device (BYOD), portable and mobile devices.
List and examine the major challenges of enforcing policies concerning BYOD, portable and mobile device
Discussion 6
“Demilitarized Zone (DMZ) Control Standards” Please respond to the following:
Analyze the IT infrastructure assets that are commonly located in the DMZ. Determine how the types and size of the organization impact the structure of the DMZ.
Propose at least three policies that organizations need to implement for traffic flowing into the DMZ or out of the DMZ.
“Principles for Policy and Standards Development” Please respond to the following:
Select two principles for policy and standards development (accountability, awareness, ethics, multidisciplinary, proportionality, integration, defense-in-depth, timeliness, reassessment, democracy, internal control, adversary, least privilege, continuity, simplicity, and policy-centered security). Examine how these principles would be the same and different for a health care organization and a financial organization.
Determine which type of organization would have the most difficulty implementing the principles you selected. Support your answer.
Discussion 2
“OCTAVE” Please respond to the following:
From the e-Activity, provide a brief explanation of the Operationally, Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) methods. Explain how they are beneficial for organizations developing their IT risk management approaches.
From the e-Activity, explain how the size of the organization impacts the OCTAVE method utilized. Determine the factors that large organizations, as opposed to small organizations, are most concerned with.
Discussion 3
“Acceptable Use Policy” Please respond to the following:
Describe the main elements of an acceptable use policy. Determine the factors that organizations need to consider when developing their acceptable use policy.
Determine the special considerations that need to be taken into account when developing the acceptable use policy for different types of users (i.e., employees, system administrators, security personnel, contractors, guests, and auditors).
Discussion 4
Best Practices for User Domain Policies” Please respond to the following:
Imagine that your supervisor has asked you to draft a brief statement about best practices for user domain policies that will be presented to the executive board. Create five best practices for user domain policies.
Select the best practice that you would emphasize the most during this presentation to the executive board and explain why.
Discussion 5
Policy for Portable and Mobile Devices” Please respond to the following:
Determine the primary considerations that an organization would need to take into account when developing the security policies involving bring your own device (BYOD), portable and mobile devices.
List and examine the major challenges of enforcing policies concerning BYOD, portable and mobile device
Discussion 6
“Demilitarized Zone (DMZ) Control Standards” Please respond to the following:
Analyze the IT infrastructure assets that are commonly located in the DMZ. Determine how the types and size of the organization impact the structure of the DMZ.
Propose at least three policies that organizations need to implement for traffic flowing into the DMZ or out of the DMZ.