Part I
Based on the reading materials at background section and your own research, prepare a 3-5 page report to address the following questions on ISO standards on information security management:
Describe the Plan-Do-Check-Act process.
What does this process accomplish?
Part II
Based on the reading materials at background section and your own research, prepare a 3-5 page report to answer the following questions
Discuss the difference between law and ethics;
Research the Sarbanes-Oxley Act of 2002 and discuss how it has impacted information security in an organization.
Assignment Expectations
Your paper should be from 6 to 10 pages long. Combine Parts I and II into a single report, labeling each part accordingly.
Your paper should provide a summary of your findings from the assigned materials and any good quality resources you can find.
Please cite all sources and provide a reference list at the end of your paper. The following items will be assessed in particular:
Ability to consolidate ideas from reading materials.
Demonstration of your understanding of the process of how to manage and operate an information security management system.
The ability to express your ideas clearly.
BACKGROUND INFORMATION
Designing and Implementing an Effective Information Security Program: Protecting The Data Assets of Individuals, Small And Large Businesses.
Implementing an Effective IT Security Program.