Discussion 1: Information Security Governance and Best Practices
Purpose
This assignment is intended to help you learn to do the following:
· Describe how governance supports an organization’s information security strategy.
· Describe governance, risk, and compliance in the context of security controls.
Overview
Create a discussion post that addresses these questions:
· Evaluate the interdependency and relationships between governance, risk, and compliance concepts. Which one drives the others? Support your evaluation with specific examples.
· Select a type of organization listed in Chapter 2 (Select among Figure 2.1, 2.2 and 2.3). Evaluate the relationship between governance and security strategy for the selected type of the organization. Which one requires the other more or do they equally require each other? Make sure to support what you assert with facts from the readings.