EBK MANAGEMENT OF INFORMATION SECURITY
6th Edition
ISBN: 9780357752869
Author: WHITMAN
Publisher: CENGAGE CO
expand_more
expand_more
format_list_bulleted
Question
Chapter 8, Problem 2DQ
Program Plan Intro
NIST:
- National Institute of Standards and Technology (NIST) is the National Security Telecommunications and
Information system Security Committee document. This document offers a complete model forinformation security . - It mentions the documentation of performance measurements in a regular format to guarantee the repeatability of the measurement collection, development, customization and reporting activities.
Explanation of Solution
Security management model:
Security management model is a basic blueprint presented by a service company. It is recommended by the ISO/IEC 17799 model used for initializing, implementing or maintaining security in their company...
Expert Solution & Answer
Trending nowThis is a popular solution!
Students have asked these similar questions
What are the differences between the top-down and bottom-up approaches to information security?In comparison to a bottom-up strategy, what are the benefits of a top-down approach?Think about each concept in terms of how it relates to the organisation and compare and contrast them.
What are the key differences between the top-down and bottom-up approaches to information security?Is there any benefit to working from the top down as opposed to the bottom up?Evaluate the two ideas side by side, and explain in detail how they relate to the operation of the business.
How precisely can a security framework help in the planning and implementation of a security infrastructure? As compared to other forms of governance, information security governance stands out due to its unique characteristics. Is there a person or group inside the company who should be responsible for making contingency plans?
Chapter 8 Solutions
EBK MANAGEMENT OF INFORMATION SECURITY
Ch. 8 - Prob. 1RQCh. 8 - Prob. 2RQCh. 8 - Prob. 3RQCh. 8 - Prob. 4RQCh. 8 - Prob. 5RQCh. 8 - Prob. 6RQCh. 8 - Prob. 7RQCh. 8 - Prob. 8RQCh. 8 - Prob. 9RQCh. 8 - Prob. 10RQ
Ch. 8 - Prob. 11RQCh. 8 - Prob. 12RQCh. 8 - Prob. 13RQCh. 8 - Prob. 14RQCh. 8 - Prob. 15RQCh. 8 - Prob. 16RQCh. 8 - Prob. 17RQCh. 8 - Prob. 18RQCh. 8 - Prob. 19RQCh. 8 - Prob. 20RQCh. 8 - Prob. 1ECh. 8 - Prob. 2ECh. 8 - Prob. 3ECh. 8 - Prob. 4ECh. 8 - Prob. 5ECh. 8 - Prob. 1DQCh. 8 - Prob. 2DQCh. 8 - Prob. 3DQCh. 8 - Prob. 4DQCh. 8 - Prob. 1EDM
Knowledge Booster
Similar questions
- How precisely can a security framework help in the planning and implementation of a security infrastructure? The degree to which information security governance departs from conventional forms of management is what sets it apart. Is there a person or group inside the company who should be responsible for making contingency plans?arrow_forwardWhat are the differences between top-down and bottom-up approaches to information security?Bottom-up vs. top-down: why is one superior than the other?Compare and contrast each concept to fully see how it fits within an organization.arrow_forwardCompare and contrast the differences between the concepts of cybersecurity, information assurance, and risk management. Where in the security industry would each concept apply? What are the pros and cons of each? If your school or organization were to adopt one concept, which should it be? Why?arrow_forward
- Using the phases of the information security services life cycle as the basis of yourargument:1. Discuss the importance of this life cycle in the security product.2. Justify the reasons it must be included in the organisation’s informationsecurity program.3. Use suitable examples in your discussion and justification.arrow_forwardHow precisely can a security framework help in the planning and implementation of a security infrastructure? The degree to which information security governance departs from conventional forms of governance is what sets it apart. Is there a person or group inside the organization that should be responsible for making contingency plans?arrow_forwardQuestion What are the differences between top-down and bottom-up approaches to information security? Bottom-up vs. top-down: why is one superior than the other? Compare and contrast each concept to fully see how it fits within an organization.arrow_forward
arrow_back_ios
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage LearningPrinciples of Information Systems (MindTap Course...Computer ScienceISBN:9781285867168Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning