Chief Information Security Officer-Level Risk Assessment

The objective of this work in writing is to examine Chief Information Security Officer-Level Risk Assessment. Specifically, the scenario in this study is securing information for the local Emergency Management Agency in an Alabama County. The Director of Emergency Management in this County has tasked the Chief Information Security Officer with setting out a plan for information security of the Department's networking and computing systems.

Information Security Management involves the "identification of an organization's assets and the development, documentation, and implementation to policies, standards, procedures, and guidelines, which ensure their availability, integrity, and confidentiality." (Official ISC Guide to the CISSP Exam, nd) Threats are identified, assets classified and security controls implemented through use of "data classification, security awareness training, risk assessment, and risk analysis and as well their vulnerabilities are rated. (Official ISC Guide to the CISSP Exam, nd)

Risk management involves the "identification,...
[ View Full Essay]