Corporate Governance for Information System Security

profilejimmylb1234
SLP3.docx

Corporate Governance for Information System Security

For Module 3 on Information Security Governance (ISG) assessment, you will use your selected company to explore ISG. Look for a person involved in ISG to answer the questions from the below COBIT Pathway Tool. If you cannot locate anyone, answer the questions yourself. For this ISG assessment you will use the COBIT/CMMI Pathway tool.

Go to this site and use your Trident email address to register and download the COBIT/CMMI tool. You will need to register on the ISACA website – just use your Trident email address and you can freely download this tool. https://www.isaca.org/bookstore/cobit-5/wcb5cmmi

Do not disclose the name of the organization in your analysis. You will describe the nature of the organization's business in your use of the tool. Discuss your assessment of the COBIT/CMMI tool. Specifically discuss how you would modify the tool to incorporate the features of Cobit 2019 and how the changes in Cobit 2019 to Cobit 5 add to Information Security Governance at your chosen firm.

Background Readings:

August 24, 2019. Session 2 COBIT 2019 Overview by Yusuf Hashmi https://www.youtube.com/watch?v=zAriyxTQBWI

Getting started in digital forensics https://www.youtube.com/watch?v=j3lgxdylktM

Gregory, P. H. (07/24/2019). CISM®: Certified information security manager all in one, McGraw-Hill. Chapter 2 and 3

Digital forensics full course https://www.youtube.com/watch?v=kDDdF2wyOF0&list=PL4gyeOPdriHdvfYOn70RMDGY8TK6vBLBG

Information security governance https://www.youtube.com/watch?v=ThaYLnEhqHo

Information security governance (CISM) https://www.youtube.com/watch?v=vT7FLp1Pg48

National Vulnerability Database: NIS Special Publication 800-53 https://nvd.nist.gov/800-53

Optional Reading

Iannarelli, J. G. and O’Shaughnessy, M. (2015). Information governance and security: Protecting and managing your company’s proprietary information. Butterworth-Heinemann. ISBN:9780128002476, Chapter 1 – 7. Available in the Trident Online Library.

Sigler, K. and Rainey, J. L. (2016). Securing an IT organization through governance, risk management, and audit. CRC Press. ISBN:9781498737319, Chapter 8 – 16. Available in the Trident Online Library