Lecture W5 - SIT 284: IT Security Management Developing an...

Info iconThis preview shows pages 1–6. Sign up to view the full content.

View Full Document Right Arrow Icon
J. H. Abawajy IT Security Management Slide#: 1 SIT 284: IT Security Management Developing an Information Security Program
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
J. H. Abawajy IT Security Management Slide#: 2 Learning Objectives Upon completion of this lecture, you should be able to: Recognize and understand the organizational approaches to information security List and describe the functional components of the information security program Determine how to plan and staff an organization’s information security program based on its size Evaluate the internal and external factors that influence the activities and organization of an information security program List and describe the typical job titles and functions performed in the information security program Identifies key concepts to consider when building a new security program or improving an existing one.
Background image of page 2
Questions to think about What are the key components of an information security program? What are core concepts that you should consider when building a new security program or improving an existing one? How organisational culture determine how to structure an information security program? How organisational size determine how to structure an information security program? How organisational Security budget (capital and expense for resources and personnel) determine how to structure an information security program? J. H. Abawajy IT Security Management Slide#: 3
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Information Security Program (ISP) ISP describes the structure and organisation of the efforts that strives to contain the risks to the information assets of the organisation. This include Personnel security Physical security Security policy Contingency plans ….. J. H. Abawajy IT Security Management Slide#: 4
Background image of page 4
Information Security Program (ISP) Security is a process that examines and then mitigates the risks that arise from organisation’s day-to-day activities Bruce Schneier, in Secrets and Lies, Digital Security in a Networked World, writes: If you think that technology will solve your security problems, then you don’t understand security and you don’t understand
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 6
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 10/01/2009 for the course SIT 284 taught by Professor Jam during the Spring '09 term at Alfred University.

Page1 / 20

Lecture W5 - SIT 284: IT Security Management Developing an...

This preview shows document pages 1 - 6. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online