Discussions2
San77
1.
a) Discuss what are the factors that an organization should consider when determining the scope for establishing security control testing requirements
b) Discuss two of the barriers to establishing an effective security test plan that provides an organization the ability to assess the effectiveness of the set of controls in use.
2.
Compare and contrast the NIST definition of risk contained in NIST Interagency Report (NISTIR) 7298, revision 2 (http://nvlpubs.nist.gov/nistpubs/ir/2013/NIST.IR.7298r2.pdf (Links to an external site.)) on page 161, sourced from FIPS 200, with Paul Hopkin’s preferred definition of risk on page 14 of the course text: “An event with the ability to impact (inhibit, enhance or cause doubt about) the effectiveness and efficiency of the core processes of an organization." Which definition do you think is better and why?
Cite all your sources, including the ones identified here (e.g., your course text) using APA format. If possible, cite external sources that help substantiate your position.
Provide any available scholarly research, directives, publications, memorandums to support your discussion and provide references in APA format.
5 years ago
5
Purchase the answer to view it
turnitinreport-2021-10-22T034908.320.pdf- InformationTchnologyDiscussion.docx
- Project Paper
- 2
- U6IP: Cultural Diversity
- DISCUSSION
- 51
- Elements of Stat Method Quiz and HW
- Research & Reporting 2 pages
- Week 1 Discussion 1 Why We Hate HR
- Financial Planning and Agency Conflicts" Please respond to the following: •* From the scenario, cite your forecasting conclusions that support TFC’s decision to expand to the West Coast market. Speculate as to whether or not the agency conflict discussed
- psychology
