Discussion: Training the IT Governance Board

You have been invited to attend a meeting of Padgett-Beale’s IT Governance Board. This board operates under authority delegated by the corporate governance board and focuses on ensuring that the company achieves maximum value for each dollar spent on information technology capabilities. This board’s charter gives it responsibility for governance, risk management, and compliance management (GRC) for corporate IT processes, policies, and technologies. Members of the board each serve for a three-year term. Of the 24 members, 8 have just begun their terms.

For this meeting’s program, the chairperson of the IT Governance Board has asked each of the management interns to prepare and deliver a 5-minute informative speech on a relevant topic (see list below). Your speech should be directed towards the newly selected members of this board who have not yet had time to become familiar with all of the board’s responsibilities.

Choose one of the following IT management / IT security management frameworks as the topic of your speech.



ISO 27001/27002 (ISMS Program Management)

NIST Cybersecurity Framework

NIST Security and Privacy Controls (NIST SP 800-53)

NIST Risk Management Framework (NIST SP 800-37)

Business Model for Information Security (People, Processes, Policies & Technologies)

See the weekly readings for information about your selected topic.

Next, create a blog separate from the discussion above.

Blog: Extortion by Email

Read the article Extortion by Email and the analysis paper Extortion on the Job.

As you read, look for information about how the company managed IT risks related to malware and attacks. Then answer the following questions in a 3 – 5 paragraph

Questions to answer

What do you think?

Were the company’s policies and enforcement actions consistent with its desires to reduce risk?

Why or why not?

