1.) Our class
focuses on integrating several aspects of information
security/assurance. Part of an overall integrated approach to achieving
a comprehensive information assurance program is compliance management.
As you are aware there are a number of government regulations that
affect both the public and private sector. Please read Learn the Science of Compliance.pdf.
The author makes a strong case for centralized management of IT
compliance and the use of software tools to assist in managing
You are the CISO of a large private financial
company that is traded on the NY Stock Exchange. You were tasked by
the the CIO to develop an IT compliance management program for your
organization. What approach would you take to develop such a program?
What regulations impact the organization? Would you consider the use of
a compliance tool? If so which one and how would you justify the
Remember to cite your sources and to give a complete answer to the questions posed above.
2.)Read the Wachovia Case Study located here, http://gilbane.com/case_studies_pdf/CTW_Wachovia_Final.pdf#_Toc88022904.
select five of the most important concepts that you identified that
contributed to the success of integration of IT capabilities. Explain
why you chose each one.