Information security governance

Information security governance

For this assignment, you will expand the IT and information security governance section of your manual for your selected organization. The strategy should address any organizational, government, or regulatory security requirements that you listed in the IT and information security governance section that you prepared for the previous assignment.

The project deliverables are the following:

Update the IT Governance Policies and Procedures Manual title page with the new date and project name.

IT and Information Security Governance

Explain the importance of information security laws and regulations.

Interpret impacts of information security laws and regulations on your information security program.

List and describe the information security risks with attention to the organizational, governmental, and regulatory requirements that your organization may face.

Prepare policies and procedures to address the risks.

Define the baseline controls that will be used to measure the effectiveness of your strategy and describe how these data will be collected and used for auditing and improvement purposes.