Nishant Shah

What is meant by the term “acceptable information system security risk”? Who within the organization determines what is the acceptable level of information system risk? How does an organization determine wha […]

What is meant by the term “acceptable information system security risk”? Who within the organization determines what is the acceptable level of information system risk? How does an organization determine what is […]

What is an information risk profile? How is it used?  Why is it critical to the success of an organization’s risk management strategies and activities?

How would you go about creating an information risk profile for a small start-up business? Describe what the risk profile for the business would contain?  How should the business use the risk profile?

Presentation: Slides

Quiz w/solutions Quiz w/solutions

Presentation: Presentation

Quiz w/solutions” Quiz w/solutions

What are the 3 types of risk mitigating controls? Which is the most important?  Why is it the most important?
How you would apply the FIPS security categorizations to decide if each of the information […]

What are the 3 types of risk mitigating controls? Which is the most important?  Why is it the most important?

How you would apply the FIPS security categorizations to decide if each of the information security risk mitigations (“safeguards”) described in the FGDC guidelines is needed?

Which two information security objectives could be put at risk if the alternative mitigations (i.e. “safeguards”) recommended by the FGDC guidelines are applied?  Explain how each of the two objective is put at […]

Practice Quiz:Quiz

Presentation:Slides

Thank you for your participation in class and an excellent discussion during our first class.

Presentation: Slides

Questions:

Do ITACS students represent information security vulnerabilities to Temple University, each other, or both? Explain the nature of the vulnerabilities.

Is information security a technical […]

Do ITACS students represent information security vulnerabilities to Temple University, each other, or both?
Explain the nature of the vulnerabilities ITACS students represent in the context(s) you chose?

Is information security a technical problem, a business problem that the entire organization must frame and solve, or both?  Explain the nature of the problem in the context(s) you chose.

Provide an example of a measurement used in quantitative information security risk analysis.
What challenges are involved in calculating such a measurement?

Post your In the News articles and their URL links here:

In this course you will learn key concepts and components necessary for protecting the confidentiality, integrity and availability (CIA) of information assets. You will gain an understanding of the importance and […]