Discussion:
The Human Factor, Organizational Policy, Networks and Administration
CMGT/400
Question 1: Write a 100- to 200-word short-answer response for the following:
Supporting Activity: Secure Software and Systems
What are two of the best practices for developing secure software and systems? Why would each practice be suitable for an organization to implement to strengthen its information security posture? Describe the benefits of each.
Question 2: Write a 100- to 200-word short-answer response for the following:
Supporting Activity: Threat Modeling
Where should threat modeling be used in the system development process? Why is it so challenging for some individuals to understand? What can be done to make learning how to do it effectively easier?
Question 3: Write a 100- to 200-word short-answer response for the following:
Supporting Activity: Internal IT Audit Group
What is the role of an internal IT audit group in an organization? Why is having such a group important for an organization and why should it report outside the normal IT reporting channels?
Quetion 4: Write a 100- to 200-word short-answer response for the following:
Supporting Activity: Developing the Security Program
What is an InfoSec program?
Developing the Security Program
Question 5: Write 100- to 200-word short-answer response to the following:
What functions constitute a complete InfoSec program?
Question 6: Write 100- to 200-word short-answer response to the following:
What organizational variables can influence the size and composition of an InfoSec program's staff?
Question 7: Write 100- to 200-word short-answer response to the following:
What is the typical size of the security staff in a small organization? A medium-sized organization? A large organization? A very large organization?
Question 8: Write 100- to 200-word short-answer response to the following:
Where should an InfoSec unit be placed within an organization? Where shouldn't it be placed?
APA format requires a concluding paragraph which sums up the wholepaper.