Learning Objectives and Outcomes
Recognize the legal aspects of the information security triad: availability, integrity, and confidentiality.
Examine the concept of privacy and its legal protections.
Identify risk analysis and incident response procedures.
Assignment Requirements
Introduction:
As discussed in this Unit, after IT professionals identify threat/vulnerability pairs and estimate the likelihood of their occurrence, IT management must decide which risk management techniques are appropriate to manage these risks. As a Security IT professional, it is very important to be able to critically evaluate your entire business's environment for risks and challenges.
This assignment allows you to fulfill the role of an IT Security manager in a small business tasked with determining appropriate risk management techniques for identified threats and vulnerabilities and to make related recommendations to senior management.
Tasks:
1. Read the article "The Seven Deadly Sins of Security Policy" in Network World
2. Find your organization's current IT Security Policy. Review and provide your assessment of its strengths and weaknesses.