Developing the Corporate Strategy for Information Security Research Paper

Developing the Corporate Strategy for Information warranter - Research Paper ExampleExample murder of this mapping in the organization can be done through the utilization of risk assessment tools in order to depict potential risks to tuition security. Management of the Risk An other(a) vital incline of CISO is managing the risks, which are interrelated with the functions of continuous assessment. Based on the results of the assessment, the officer is liable to develop strategies and plans in order to mitigate these threats (Whitman & Mattord, 2010 Homeland Security, 2007). Example In an organization, this function can be accommodated by determining risk management strategies, having continuous monitoring of the organizational processes. Implementation of Designed Program Another vital function of CISO calls for proper implementation of the designed programs to ensure that the organizational strategies are applied in an ethical and hazard-free manner. This function of the office r is quite vital, as efficiency of the other functions tend to be highly depended on its proper operation (Whitman & Mattord, 2010 Homeland Security, 2007). Example For the effective execution of this function, the CISO would need to utilize management techniques so that successful implementation of the organizational strategies can be assured. b. ... the skill to manage a control plan restricting inappropriate access to instruction that may resist organizational interests either directly or indirectly (EC-Council, 2013 Homeland Security, 2007). Physical Security In harmony to this ability, CISO will need to be familiar with the standards, policies and laws associated with physical security. In this regard, it would also be vital for the CISO to finalise the importance of such physical assets for any organization. Owing to this intelligence, CISO will be able to gain the competency to manage and develop a coherent plan to ensure the overall information security inwardly the organization (EC-Council, 2013 Homeland Security, 2007). Risk Management Mitigation as well as proper sermon of the threats being identified, is among the core competencies of CISO. In this regard, CISO should also need to be aware about the various resources that would be required towards determining proper risk management plan for the potential threats. It would be worth mentioning in this regard that successful mitigation of risk is directly dependent on this competency of CISO (EC-Council, 2013 Homeland Security, 2007). 2. The headland Information Officer (CIO)s functions within an organization a. Four (4) functions of CIO Manage A major function of a CIO is to determine the risks associated with information security of an organization. This can be done on the basis of facilitated understanding of policies and regulatory norms, related to managing the information. These functions will also include managing the strategic plans as well as programs associated with the informatio n technology practiced within an organization (United States Dept. of Homeland Security, 2011 Homeland Security, 2007). Example This function of a CIO