Discussions
There are two separate topics that needs to be discussed and the information is as below
1. Discuss on the need for RCSA policies and the importance of RCSAs with information security as a focal point.
At the end of the discussion, submit a summary of your learning as a bulleted list that explains the relevance of RCSA policies.
———————————————————————————————————————————————————————————————-
2. Discuss on information dissemination—how to educate employees. For this discussion, you will identify various security awareness training options.
discuss the following:
What would you do if you needed to develop a user training program on security awareness and security policy implementation?
What type(s) of training would you offer? Formal, informal, or both?
List different types of training, such as classroom, computer-based training (CBT), and so on. List the advantages and disadvantages of each. Is one type of training better than the others? Why or why not?
At the end of the discussion, submit a summary of your learning that explains each type of training, and its advantages and disadvantages.
Solution Preview
Question One
The Risk and Control Self-Assessment process is where one looks at the risks that an operating system may face and the control measures get assessed to look at whether it is useful. Information security is essential to business because all critical data that is key to the company’s operation is very private and therefore any risk gets identified and appropriate measures put in place to control the situation (Stallings,2012).
(860 words)