Introduction to data communication ,Basic
ErickWasonga2
9 views
3 slides
Jul 30, 2024
Slide 1 of 3
1
2
3
About This Presentation
Basic knowledge on data comm
Slide Content
Week 04-08/March
Topics
i.Security Risk Terminology
ii.Risk Management
iii.Risk Controls
Outcomes
On completion of this unit, students will be able to explain key
security controls of the critical resources of information system
Describe security management and set related security
measures.
Materials and Resources
Syllabus, handouts, whiteboard, non -permanent markers, computer
terminals and Online Platforms
TEXT BOOKS:
Principles of Information Security by Michael E. Whitman and
Herbert J.Mattord
Information Security ”The Complete Reference
TM
by Mark S. Merkow
Jim Breithaupt
1
ISS_2024-i ©Gabriel
Topics
i.Security Risk Terminology
ii.Risk Management
iii.Risk Controls
Outcomes
On completion of this unit, students will be able to explain key
security controls of the critical resources of information system
Describe security management and set related security
measures.
Materials and Resources
Syllabus, handouts, whiteboard, non -permanent markers, computer
terminals and Online Platforms
TEXT BOOKS:
Principles of Information Security by Michael E. Whitman and
Herbert J.Mattord
Information Security ”The Complete Reference
TM
by Mark S. Merkow
Jim Breithaupt
1
ISS_2024-i ©Gabriel
Risk Terminology & Management
Information security professionals must know their
organizations’ information system assets: identify, classify,
and prioritize them.
Key Terms:
Asset
Vulnerability
Risk: “effect of uncertainty on objectives” (ISO 31000).
Risk identification
Risk assessment
Impact
Risk Management: coordinated set of activities and method
to control risks.
ISS_2024_i ©Gabriel 2
Information security professionals must know their
organizations’ information system assets: identify, classify,
and prioritize them.
Key Terms:
Asset
Vulnerability
Risk: “effect of uncertainty on objectives” (ISO 31000).
Risk identification
Risk assessment
Impact
Risk Management: coordinated set of activities and method
to control risks.
ISS_2024_i ©Gabriel 2
Risk Controls
It´s mandatory to identify, examine, and understand the
current information system in your organization.
Information System Security professional must know what
assets are, where they are, how they add value to the
organizationand the vulnerabilities to which they are
susceptible.
Risk control is any strategy that attempts to eliminate or
reduce any uncontrolled risk through the application of
additional safeguards.
Four Control Alternatives:
Mitigation
Transference
Acceptance
Avoidance
ISS_2024_i ©Gabriel 3
It´s mandatory to identify, examine, and understand the
current information system in your organization.
Information System Security professional must know what
assets are, where they are, how they add value to the
organizationand the vulnerabilities to which they are
susceptible.
Risk control is any strategy that attempts to eliminate or
reduce any uncontrolled risk through the application of
additional safeguards.
Four Control Alternatives:
Mitigation
Transference
Acceptance
Avoidance
ISS_2024_i ©Gabriel 3
Tags
Categories
GeneralDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 9
- Slides 3
- Age 489 days
Related Slideshows
22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
30 views
26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
32 views
31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
30 views
14
Fertility awareness methods for women in the society
Isaiah47
29 views
35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
26 views
5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
28 views