Assignment - Developing the Corporate Strategy for Information Security
Overview
Imagine that you are working for a startup technology organization that has had overnight success. The organization's immediate growth requires for it to formulate a corporate strategy for information security. You have been recruited to serve as part of a team that will develop this strategy.As part of the Information Security Strategy development, you are required to define specific Information Technology Security roles that will optimize and secure the organization's data assets.
Preparation
Review the following article:
National Initiative for Cybersecurity Careers and Studies.
2017 National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. U.S. Department of Commerce.
Instructions
Write a 5 to 7 page paper in which you address the following:
- The Chief Information Security Officer (CISO) is responsible for several functions within an organization.
- Examine three specific functions a CISO and provide examples of when a CISO would execute these functions within the organization.
- Specify at least three competencies that the CISO could perform using the provided websites and articles.
The Chief Information Officer (CIO) is responsible for several accountability functions within an organization:
- Identify at least four functions of the CIO using the EBK as a guide.
- Provide examples of how the CIO would execute these functions within an organization.
- Classify at least two security assurances that could be achieved by the CIO developing a formal security awareness, training, and educational program.
- Suggest methods, processes, or technologies that can be used by the CIO to certify the security functions and data assets of an organization on a day-to-day basis.
- Describe how the digital forensics function complements the overall security efforts of the organization.
- Evaluate the operational duties of digital forensic personnel and how this helps qualify the integrity of forensic investigations within the enterprise and industry.
- List at least three technical resources available to the digital forensics professional to perform forensic audits and investigations.
Use three sources to support your writing. Choose sources that are credible, relevant, and appropriate. Cite each source listed on your source page at least one time within your assignment. For help with research, writing, and citation, access the library or review library guides.
This course requires the use of Strayer Writing Standards. For assistance and information, please refer to the Strayer Writing Standards link in the left-hand menu of your course. Check with your professor for any additional instructions.The specific course learning outcome associated with this assignment is:
Determine the functions and operational duties of key information security personnel within an organization.