Assignment Help:Principles for Policy and Standards Development
Principles for Policy and Standards Development
Select two principles for policy and standards development (accountability, awareness, ethics, multidisciplinary, proportionality, integration, defense-in-depth, timeliness, reassessment, democracy, internal control, adversary, least privilege, continuity, simplicity, and policy-centered security).
Examine how these principles would be the same and different for a health care organization and a financial organization.
Determine which type of organization would have the most difficulty implementing the principles you selected. Support your answer.
provide a brief explanation of the Operationally, Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) methods. Explain how they are beneficial for organizations developing their IT risk management approaches.
explain how the size of the organization impacts the OCTAVE method utilized. Determine the factors that large organizations, as opposed to small organizations, are most concerned with.