Identifying and Validating Information Sources Used to Assess Risk
Identifying and Validating Information Sources Used to Assess Risk
Risk assessments typically use sources such as Employee handbooks, HR Training records, and Technical Vulnerability Assessments to produce a holistic view of Cybersecurity risk. In the following assignment, you are the CISO for Acme, Inc. You have tasked your staff to pull together a list of risk or cybersecurity documents or policies that are currently in effect. They have responded with a short list of documents and a few comments. Given below is the document you received from the staff members I will provide Documents Evaluate the document and audit comments provided by your staff. Based on those findings, draft a Review of Policies and Procedures document designed to address any process or policy concerns that you have. Refer to the following link for a template for submission of your Review of Policies and Procedures Document. You can download and save the template on your computer and work on it. lso, provided here is a document where you will find sample answers to the first question and sample keys for all the findings. This will provide you the direction for formulating your answers.
Leave a Reply
Want to join the discussion?Feel free to contribute!