ITM 517 Module 1 Case

profileantony34
module_1_information.docx

Module 1 - Home

INFORMATION SECURITY MANAGEMENT FRAMEWORKS

Modular Learning Outcomes

Upon successful completion of this module, the student will be able to satisfy the following outcomes:

· Case

· Describe the frameworks that help manage information security.

· Explain the importance of using frameworks to manage information security.

· SLP

· Apply the learned frameworks to your own organization and your personal life.

· Discussion

· Assess the importance of information security management and its challenges.

Module Overview

The importance of information security is so well recognized now at both the organizational and person levels that there is even no need to argue against it. The main question is how to manage information security.

In this module, we start answering the "how" question by looking into the big picture. What are the key components of information security management? Is it the technology that matters the most? What is the roadmap to help manage and analyze information security? What is the most important principle?

Information technology changes at such a fast pace that is even difficult to for the professionals to keep up with. Information security issues linked to the fast-changing technology give even bigger headaches. As a manager and policy maker, should you go after the detailed technological features and security issues? Or should you develop a mindset and a roadmap that helps you develop flexible yet resilient processes to handle the security management?

This module will introduce you frameworks and a major principle that serve as the roadmap to help you cruise through the information security maze.

Module 1 - Background

INFORMATION SECURITY MANAGEMENT FRAMEWORKS

Required Reading

PowerPoint Presentation on Information Security Management Framework.

NIST (2011). Managing Information Security Risk—Organization, Mission and Information System View. National Institute of Standards and Technology Special Publication 800–39.

NIST (2011). Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations. National Institute of Standards and Technology Special Publication 800–137. Retrieved from http://csrc.nist.gov/publications/nistpubs/800-137/SP800-137-Final.pdf

Ma, Q., Schmidt, M. B., & Pearson, J. M. (2009). An integrated framework for information security management. Review of Business, 30(1), 58–69. (TUI Online Library: ProQuest)

Johnson, E., & Goetz, E. (2007). Embedding Information Security into the Organization. IEEE Security & Privacy, May/June 2007.

Business Software Alliance. (2016). Seizing opportunity through license compliance. Retrieved from http://globalstudy.bsa.org/2016/downloads/studies/BSA_GSS_US.pdf

Comparison of OSI to TCP/IP

http://www.youtube.com/watch?v=SII38b0RJr8

http://www.youtube.com/watch?v=RbY8Hb6abbg

http://www.nbcnews.com/id/18095186/#.US6xslfuqLU