Week 12 My posting over The 11 week

  I did write  about different  topics , all of the topic from our text book  because it is give chance to search and know more  about information security and how is important  in every aspect, in life i guess i will not known  that if i did take this class.

 I was using diffrent source  evey week to learn more about the topic i choose  from different point of view, howevr most of source are article or website, and several  of my post i just depends  on our text book as source.

  in my opinion  the blog post very  helpful  for us as student  in information  scurity , it hep to be more knowledgeable and understand  about the information security and how can effect the company , also makes aware of the news around worlds  regarding  to information security issue. i learn to serch about the i select  different  , then how can i apply my knowledge  about the topic with

supporting point  of view fr

om the source.

Blogging has made it possible for all of us to be publishers and to elevate our voices to improve classroom practice.(Ferriter,2009).

  

My posting over The 11 week:

Why management information security important

Management and leadership

Value statement, Vision statement, Mission statement

Why policy?

Why need information security awareness traing

Risk Management

Firewalls

Information security certificate

Access Control Model

Control Objectives for Information and Related Technology (COBIT)

Risk appetite

 Refrence:

  Ferriter, B. (2009, February 1). Membership. Retrieved May 31, 2015, from http://www.ascd.org/publications/educational-leadership/feb09/vol66/num05/Learning-with-Blogs-and-Wikis.aspx 

Week 9 Risk appetite

Risk appetite is a concept that helps guide organizational risk management activities by allowing officials to establish a baseline level of risk an organization is prepared to accept before taking an action, as well as evaluate the likelihood and impact of certain threats. 

The risk appetite should also be consistent with the culture of the company and with the capacity of the organization to manage risks inherent in its business activities.

It is important for the company: 

 

the value of a risk appetite statement is more than just as a set of benchmarks, it is also a means of communication. By bringing together the performance of the corporation and its commercial operations in a single framework, it triggers discussion about the key financial drivers and associated risks.

Refrence:

http://searchcompliance.techtarget.com/definition/risk-appetite

http://www.ey.com/GL/en/Services/Advisory/Risk-appetite--the-strategic-balancing-act

http://www.oliverwyman.com/insights/publications/2012/nov/defining-your-risk-appetite.html#.VWqUb0aGf5w

Week 7 Control Objectives for Information and Related Technology (COBIT)

 Control Objectives for Information and Related Technology (COBIT) is an IT governance framework and supporting tool set that allows managers to bridge the gap between control requirements, technical issues and business risks

 

COBIT emphasizes rigid compliance, helps organizations to increase the value attained from IT,enables position and simplifies implementation of the enterprises' IT governance and control framework.

 

Why COBIT Matters to Your Organization:

COBIT is important because it provides organizations with an actionable framework that auditors rely on for confirmation of compliance with security mandates in public laws. Typically, legislators focus on setting policy and leave implementation details to standards set by accredited organizations

Reference:

COBIT 4.1: Framework for IT Governance and Control . (n.d.). Retrieved May 29, 2015, from http://www.isaca.org/Knowledge-Center/COBIT/Pages/Overview.aspx 

  COBIT 4.1: Framework for IT Governance and Control . (n.d.). Retrieved May 29, 2015, from http://www.isaca.org/Knowledge-Center/COBIT/Pages/Overview.aspx