SLP 4 is in two parts.
Part I: Information Security
Information security has been a theme that has appeared in movies frequently. For example, watch the following clips.
http://www.youtube.com/user/VormetricInc?v=HS4dwpANUhA
This SLP assignment is very different from what we have been used to. We are going to review and apply what we have learned so far while having fun. Your task is to describe scenarios related to information security system or information security comprises in movies and TV series that you are familiar with. Be creative. In this assignment, you are required to write 3-5 pages discussing the following:
Include at least 2 movies or TV episodes;
Cover at least three different information security aspects.
Part II: Standard Organizations
This assignment requires you to research the main organizations of information system and prepare a 3- to 5-page report to answer the following questions
What are the codes of ethics of these organizations?
Discuss criteria that can be used to evaluate whether an information security system is a quality system, explain why you decide to use these criteria.
your paper should be from 6 to 10 pages long. Combine Parts I and II into a single report, labeling each part accordingly.
Reading material
Designing and Implementing an Effective Information Security Program: Protecting The Data Assets of Individuals, Small And Large Businesses. Retrieved on March 18, 2013, from http://www.sans.org/reading_room/whitepapers/hsoffice/designing-implementing-effective-information-security-program-protecting-data-assets-of_1398
Implementing an Effective IT Security Program. Retrieved on March 18, 2013, from http://www.sans.org/reading_room/whitepapers/bestprac/implementing-effective-security-program_80
A Success Strategy for Information Security Planning and Implementation A guide for executives. Retrieved on March 18, 2013, from http://www.citadel-information.com/wp-content/uploads/2010/12/success-strategy-for-infosec-planning-and-implementation-0801.pdf
Implementing Methodology for Information security management system. Retrieved on March 18, 2013, from http://www.giac.org/paper/gsec/2693/implementation-methodology-information-security-management-system-to-comply-bs-7799-requi/104600
ISO 27001 Information security management systems. Retrieved on March 18, 2013, from http://www.youtube.com/watch?v=V7T4WVWvAA8&list=PL5E6D4A5B33DCAE78
Information Security Management Best Practice Based on ISO/IEC 17799. Retrieved on March 18, 2013, from http://www.arma.org/bookstore/files/Saint_Germain.pdf
Information security management systems ISO/IEC 27001:2005. Retrieved on March 18, 2013, from http://www.slideshare.net/ControlCase/isms-presentation-oct-202012
Annual Maintenance For Computers. Retrieved on March 18, 2013, from http://itsecurity.vermont.gov/maintenance
Information Security Program Guide for State Agencies. Retrieved on March 18, 2013, from http://www.cio.ca.gov/ois/government/documents/pdf/info_sec_program_guide.pdf
Optional Reading/Viewing
Best Practices for Implementation Success. Retrieved on March 18, 2013, from http://www.youtube.com/watch?v=JpIxPKa_RJQ
Information Security is about far more than just the technology. Retrieved on March 18, 2013, from http://www.youtube.com/watch?v=I2DcT9RENVM
Information security supercut. Retreived on March 13, 2013, from http://www.youtube.com/user/VormetricInc?v=HS4dwpANUhA
Information SecurityBefore & After Public-Key Cryptography. Retrieved on March 13, 2013, from http://www.youtube.com/watch?v=1BJuuUxCaaY
Brad Templeton The Future of Computer Security. Retrieved on March 13, 2013, from http://www.youtube.com/watch?v=t8QuUEwrKm8
