Assignment: Information Security Governance
Information security management and governance are not simply implemented tasks within organizations. An information security governance program is a program that must be thoroughly planned, include senior-level management involvement and guidance, be implemented throughout the organization, and be updated and maintained. The International Organization for Standards (ISO) and the International Electrotechnical Commission (IEC) has created information security governance standards. Review the information security governance information provided by ISACA.
Write a paper in which you:
1. Define the information security governance and management tasks that senior management needs to address.
2. Describe the outcomes and the items that will be delivered to the organization through the information security program.
3. Develop a list of at least five best practices for implementing and managing an information security governance program within an organization.
4. Develop a checklist of items that needs to be addressed by senior management, including priorities and needed resources.
5. Use at least three quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also include a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also Include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.
The specific course learning outcomes associated with this assignment are:
• Examine the principles requiring governance of information within organizations.
• Use technology and information resources to research legal issues in information security.
• Write clearly and concisely about information security legal issues and topics using proper writing mechanics and technical style conventions.