discussion board

SAMIR

In Chapter 2 of Harris (2012), the author continued our examination of Information Security Governance and Risk Management through the use of Risk Assessment and Analysis.  The author further introduced the elemental or fundamental principles of security, which are Confidentiality, Integrity, and Availability.  Furthermore, Harris established the importance of Policies, Standards, Baselines, Guidelines, and Procedures as ADMINISTRATIVE CONTROLS.

In a peer-reviewed journal article entitled "Information security management best practice based on ISO/IEC 17799," Saint-Germain (2005) presented a framework or construct that ensured Confidentiality, Integrity, and/or Availability by invoking BEST PRACTICES found within the control - ISO/IEC 17799 [Located Under Module 1>Theory of BlackBoard].

After completing Chapter 2 assigned readings, as well as Saint-Germain (2005), COMPARE information presented within Harris (2012) against Saint-Germain (2005).  LIST 5 similarities that existed within the text and literature.  PROVIDE an explanation as to WHY you selected the similarities that you did.  Be sure to DEFEND your positions.

 

Harris, S. (2012). CISSP All-in-One Exam Guide (6th ed.). New York, NY: McGraw-Hill.


Saint-Germain, R. (2005). Information security management best practice based on ISO/IEC 17799. The Information Management Journal, 39(4), 60. [Located Under Module 1>Theory of BlackBoard].

Ch 2 - Information Security Governance and Risk Management


• Risk Management; Risk Assessment & Analysis (Read pages 70 – 100)
• Policies, Standards, Baselines, Guidelines, Procedures (Read pages 101 - 108)


Shon Harris, CISSP All-in-One Exam Guide (6th ed.), McGraw-Hill,
ISBN:  978-0-07-178174-9
