CIS 527 Strayer University Risk Management and Information Security
It is an accepted truth that without risk there can be no gain. Every individual and organization must take some risks to succeed. Risk management is not about avoiding risks, but about taking risks in a controlled environment. To do this, one must understand the risks, their triggers, and their consequences.
Write a 3–4 page paper in which you:
- Define clearly risk management and information security, and discuss how information security differs from information risk management.
- Explain security policies and how they factor into risk management.
- Describe at least two responsibilities for both IT and non-IT leaders in information risk management.
- Describe how a risk management plan can be tailored to produce information system-specific plans.
- Use at least two quality resources in this assignment. Note:Wikipedia and similar websites do not qualify as quality resources. The Strayer University Library is a good source for resources.
Your assignment must follow these formatting requirements:
- This course requires the use of Strayer Writing Standards. For assistance and information, please refer to the Strayer Writing Standards link in the left-hand menu of your course.
The specific course learning outcome associated with this assignment is:
- Assess how risk is addressed through system security policies, system-specific plans, and contingency plans.