Quiz
Overview
This module introduces the concept of information security governance as a critical component of information security strategy. You’ll be exposed to techniques for creating such strategies, and develop a comprehension of ways that governance supports such strategies. You’ll demonstrate through different assessments the importance of security management as a tool that security leaders can use to effectively govern.
Learning Outcomes
Upon completion of this module, you should be able to do the following:
· Describe how governance supports an organization’s information security strategy.
· Describe governance, risk and compliance in the context of security controls.
· Develop a security strategy for an organization.
· Recommend key goal, performance, and risk indicators for a given security strategy.
· Develop a security program, identifying goals, objectives, and metrics. [SPM 1]
· Effectively manage a security program. [SPM 2]
Reading & Preparation
Here are the resources you need to prepare for this module:
Fitzgerald (2016):
· Chapter 1, Getting Information Security Right Top to Bottom
· Chapter 2, Developing Information Security Strategy
Brotby & Hinson (2016):
· Chapter 2, Why Measure Information Security?
· Chapter 3, The Art and Science of Security Metrics
· Information Security Governance: KGIs, KPIs, and KRIs [Video]
Navigating the Digital Divide - The Definitive Cybersecurity Guide for Directors and Officers:
· Chapter 3, Cyber Governance Best Practices
· Chapter 14, Establishing the Structure, Authority, and Processes to Create an Effective Program (Reference for the course project)
Discussion Guidelines
Effectively Responding to a Peer’s Post
Optional:
Navigating the Digital Divide - The Definitive Cybersecurity Guide for Directors and Officers: