NIST and Risk Governance and Risk Management

/in /by

Week 5 Discussion 1

Top of Form

 

Save your time - order a paper!

Get your paper written from scratch within the tight deadline. Our service is a reliable solution to all your troubles. Place an order on any task and we will take care of it. You won’t have to worry about the quality and deadlines

Order Paper Now

“NIST and Risk Governance and Risk Management” Please respond to the following:

· NIST provides many procedures and much guidance on IT and information security-related topics.

·

. Assess if NIST is too large and attempts to cover too many topics. Decide if NIST should separate into different entities for different major areas, such as IT governance, risk management, information security, and others.

. Assess if the various NIST documents covering risk management topics and concepts are too spread out and should be more consolidated to provide better guidance to organizations when they are establishing risk management programs.

Bottom of Form

Bottom of Form

 

 

 

Week 5 Discussion 2:

 

“FISMA and NIST” Please respond to the following:

· From the e-Activity, describe the main elements of FISMA in the management and governance of federal information systems.

· From the e-Activity, examine how FISMA and NIST work together to provide guidance and direction to organizations and agencies.

 

 

Week 5 e-Activity

· The Federal Information Security Management Act (FISMA) provides many standards and guidance for implementing effective security management programs. Review the information, located at  http://csrc.nist.gov/groups/SMA/fisma/index.html , and be prepared to discuss.

 

 

ENG 315: Professional Communications

Discussion:

 

“Midterm Report Card”

1. Compare your understanding of professional communications at midterm with your understanding of the topic before you started the course. Share something from the last five weeks that stood out to you – or surprised you. Will this realization change the way you communicate?

2. Communication is a skill that develops over time. Where do you envision your professional communication skills at the end of this course? What goal will you set out to achieve by Week 11?

3. Looking at the next several weeks, what aspect of the class are you most looking forward to learning?

 

 

 

 

 

CIS 349: Information Technology Audit and Control

 

Discussion:

 

Click the link above to respond to the discussion. If you need help with completing discussions please click  here  for more information.

“Monitoring the User Domain”

· It is common knowledge that employees are a necessary part of any business. Identify three best practices in the user domain and suggest the control type(s) (technical or manual) that are best suited to monitor each best practice.

· Determine the impact that factors such as physical security, device type and open source software might have on the choices that are made.