Definitions and discussions of threats which could impact confidentiality
More and more hiring actions start with a written essay from job candidates followed by a telephone “screening” interview. For this week’s discussion topic, you will take on the role of an applicant for an internship in a CISO organization. You are at the first stage in the application process — writing the essay. Your assigned topic is:
Why should a large company (>1000 employees) adopt the NIST Risk Management Framework to manage IT risks?
The application review committee is a group of managers (both technical and non-technical) who depend upon IT security to protect their business operations (including intellectual property, company strategic and financial information, and customer data). The purpose of the essay is two fold. First, the review committee is looking for the ability to think critically and analyze a relevant problem, in this case, the business need for a risk management framework and risk management program. Second, the review committee is looking for applicants who can communicate effectively in writing for both technical and non-technical audiences.
Write a 3 to 5 paragraph application essay that addresses the points listed below and which responds fully to the required topic. Your essay should not exceed 500 words so be concise, accurate, and clear in your essay.
Your essay should include:
1. Definitions and discussions of threats which could impact confidentiality, integrity, and availability of information, information systems, and networks.
2. Discussion of what it means to manage IT related risks in an organization-wide manner (why is there a business need for an IT risk management framework and IT risk management process). (See section 2.1 of the RMF)
3. Identification and discussion of the RMF process — addressing all 6 steps. (see Figure 2-2 in the RMF)
4. A summary of the benefits of adopting NIST’s RMF as the company’s risk management framework for IT risk management.
Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your essay.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r1.pdf
Answer preview to definitions and discussions of threats which could impact confidentiality
APA
490 words