chapter05

chapter05 - Principles of Information Security 5-1 Chapter...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
Principles of Information Security 5-1 Chapter 5 Developing Security Programs Chapter Overview Chapter 5 will explore the various organizational approaches to information security and provide an explanation of the functional components of the information security program. Readers will learn how to plan and staff an organization’s information security program based on its size and other factors as well as how to evaluate the internal and external factors that influence the activities and organization of an information security program. As the topic of organizing the information security function is expanded upon, the reader will learn how to identify and describe the typical job titles and functions performed in the information security program. The chapter concludes with an exploration of the components of a security education, training, and awareness program and describes how organizations create and manage these programs. Chapter Objectives When you complete this chapter, you will be able to: Recognize and understand the organizational approaches to information security List and describe the functional components of the information security program Determine how to plan and staff an organization’s information security program based on its size Evaluate the internal and external factors that influence the activities and organization of an information security program List and describe the typical job titles and functions performed in the information security program Describe the components of a security education, training, and awareness program and understand how organizations create and manage these programs Set-up Notes This chapter could be completed in a single class session, if there is sufficient time to cover the material. Unless the students have not had the opportunity to read the material in advance (in some settings, the textbooks are not made available until the first class meeting), it may be prudent to have a general discussion of the topic, with detailed lecture to follow at the next class meeting. The subject matter can be covered in 1.25 to 2.5 hours.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Principles of Information Security 5-2 Lecture Notes and Teaching Tips with Quick Quizzes Introduction Some organizations use the term “security program” to describe the entire set of personnel, plans, policies, and initiatives related to information security. The term information security program is used here to describe the structure and organization of the effort that contains risks to the information assets of the organization. Organizing for Security Among the variables that determine how to structure an information security program are organizational culture size security personnel budget security capital budget “…as organizations get larger in size, their security departments are not keeping up with the demands of increasingly complex organizational infrastructures. Security spending per user and per machine declines exponentially as organizations grow, leaving most
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 21

chapter05 - Principles of Information Security 5-1 Chapter...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online