Home » Downloads » Risk management

Risk management

Risk management

Please be on time and make good online research and ready the story below very clearly and answer the below questions

Story

I have worked in the information assurance (IA) arena for well over a decade. But as happens to many professionals, I worked in one sector only. I became used to the specialized controls that only affected a small segment of the IA population in terms of information technology (IT) and IA processes.

Sure, I was offered the chance to study Information Technology Infrastructure Library (ITIL), but I did not understand the value of a standardized approach to IT management at that stage in my career.

Moral of the Story

Today, I am learning about NIST SP 800-53 controls, but the organization I am working for does not have a standardized approach. That is a long-term goal. In many ways, I wish I had looked at the IA and IT world from a higher vantage point earlier on so that I would understand how a framework could be used to map multiple types of controls. Instead, I am behind the times in catching up on this important work.

Note: The example companies, organizations, products, people, and events depicted herein are fictitious. No association with any real company, organization, product, person, or event is intended or should be inferred.

Assignment

The story you just read shows how difficult it can be to get started with a standardized approach to IT management and to ensure that controls and risk management are understood. For this discussion, research the library and Internet for information about Control Objectives for Information and related Technology (COBIT) and ISO 27002, and then respond to the questions. Consider the difficulties faced in the story and how some of these difficulties were overcome when responding to the assignment questions.

write with minimum of 800 words that respond to the following questions with your thoughts, ideas, and comments.Be substantive and clear, and use examples to reinforce your ideas.

Today, organizations require significant management oversight and IT governance to ensure that controls and risk management are enforced and understood. One of the IT frameworks for ensuring that there is a common language for both management and IT personnel to manage risks, IT services, and the delivery of value is COBIT. In your main post this week, describe the following:

How does COBIT provide IT processes, goals, and metrics to mitigate security risks and develop a security policy?

What is the purpose of the Responsible, Accountable, Consulted, and Informed (RACI) chart?

How does COBIT integrate standards such as NIST SP 800-53, ITIL, ISO 27001, and ISO 27002?

Note-please make it very effectively very very very important no plagiarism and all must be answered very clearly and in detail

Please be on time

Very very important please answer each and every question in detail

 

 

………………………..Answer preview……………………………..

The continuity of many businesses depends on their ability to meet performance and compliance requirements. Control Objectives for Information and Related Technology (COBIT) significantly helps the organizations in the quest for meeting performance and compliance requirements (Kelley, 2009). Companies use COBIT to meet regulatory requirements, develop Information Technology (IT) risk management frameworks, assess the IT processes capabilities and integrate all functions of their IT department to a common model……………………

APA

879 words

× Lets chat on whatsapp?