Be sure to elaborate on your answers and provide support for each of your statements.
I. Government Security and Privacy Regulations
1. When dealing with federal agency data breach policy and data breach notification policy. What laws should be considered? Which department should do what, and what would be the process?
2. What is FISMA? What must be included in the plan?
3. You will play the role of an inspector general who has been assigned the task of reviewing the Office of Management and Budget (OMB) breach notification plan requirements and submitting a checklist to senior management regarding what is required to comply.
4. What is NIST? What is the benefit of this organization?
5. Summarize the three main import/export control laws.
II. State Laws Regarding Breach Notification
1. What are the recommended practices of notice of security breach based on California law? What factors should be considered? Do the recommendations change for different states?
2. What is Virginia's state laws regulating information security, privacy, and data breach notification?
3. Based on VA law, create a response to be sent to data breach victims.