WARNING: This has to be original work that will pass Turnitin or any other checker. If it does not pass this you will not be paid!
Organizations that you work for will often apply an IT governance framework such as COBIT or ISO 27001, or one of the others that are available. These frameworks provide guidelines for IT governance in the organization and offer guidelines for building a governance system. In this unit, you will apply the ISO 27001 Information Security Management System (ISMS) framework to begin outlining a governance strategy for an organization.
Select an organization that you would like to develop an IT governance strategy for, using ISO 27001, Information Security Management System (ISMS). You can find ISMS on the Internet or in this unit’s reading. The organization should be one you are familiar with from having worked there.
In your paper, include the following:
- Define and discuss the ISO 27001 Information Security Management System in terms of the Deming Cycle of continuous improvement of Plan-Do-Check-Act (PDCA)
- Brief description of the organization and type of business engaged in.
- High level information security policy that defines management’s overall objective for information security as it relates to business requirements and relevant laws and regulations.
- Information security direction for the organization
- Information security objectives for the organization
- Information on how the organization will meet contractual, legal, and regulatory requirements
- A statement of commitment to continuous improvement of the ISMS.
- High level risk assessment (for purposes of this paper, discuss the top 3-4 risks only)
- Define a risk management framework that will be used
- Identify risks and describe the risk
- Analyze and evaluate the risks in terms of severity and impact
- Statement of Applicability
- Identify selected controls to address identified risks (again only the top 3-4 risks)
- Explanation of why these controls were selected
- Conclusion paragraph
This is a short version of an IT governance strategy but will provide a good understanding of the elements that must be included for this ISO 27001 ISMS.
- 4-5 pages of content (exclusive of cover sheet and references page), using Times New Roman font style, 12pt, double-spaced, using correct APA formatting, and include a cover sheet, table of contents, abstract, and reference page(s)
- At least 1 credible source cited and referenced
- No more than 1 table or figure
- No spelling errors
- No grammar errors
- No APA errors
For more information and examples of APA formatting, visit the Writing Center in the library or APA Style Central under Academic Tools in this course.
Also review the Policy on Plagiarism. If you have any questions, please contact your professor.
Directions for Submitting Your Assignment
Name your Assignment document according to this convention: YourLastName_IT591_Unit1. Submit your completed Assignment to the Unit 1 Dropbox by the deadline.