SEC 402 WK 4 Assignment 1 – Developing the Corporate Strategy fo

SEC 402 WK 4 Assignment 1 – Developing the Corporate Strategy for Information Security

Write a five to seven (5-7) page paper in which you:
1. The Chief Information Security Officer (CISO) is responsible for several functions within an
organization.
a. Examine three (3) specific functions a CISO and provide examples of when a CISO
would execute these functions within the organization.
b. Specify at least three (3) competencies that the CISO could perform using the provided
Website titled, “Information Technology (IT) Security Essential Body of Knowledge (EBK):
A Competency and Functional Frame-work for IT Security Workforce Development.”
2. The Chief Information Officer (CIO) is responsible for several accountability functions within an
organization:
a. Identify at least four (4) functions of the CIO using the EBK as a guide. Provide examples
of how the CIO would execute these functions within an organization.
b. Classify at least two (2) security assurances that could be achieved by the CIO
developing a formal security awareness, training, and educational program.
c. Suggest methods, processes, or technologies that can be used by the CIO to certify the
security functions and data assets of an organization on a day-to-day basis.
3. Describe how the digital forensics function complements the overall security efforts of the
organization.