Question

The steps to creating an information security plan would be in which of the following sequences?

Identify threats, identify risks, design controls, incorporate controls into an enterprise-wide plan, Set forth policies

Set forth policy, design controls, identify risks, identify threats, incorporate controls into an enterprise-wide plan

Solutions

Expert Solution

1. To develop any plan there must be policies and procedures. So the first step to create an information security plan would be to set forth policy.

2. Then the next step is to identify risks to assess what level of security is needed to protect information assets.

3. Identify threats which can exploit the vulnerability in the information system and cause significant risk.

4. After identifying risks and threats, it is appropriate to design controls because not all risks are major and it will not be cost-effective to implement expensive control processes for minor risks.

5. After designing controls, we must implement them in our enterprise. So the next step would be to incorporate controls into an enterprise-wide plan.

Hence the sequence of steps to create an information security policy would be:

Set forth policy, identify risks, identify threats, design controls, incorporate controls into an enterprise-wide plan.

