Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Select two principles for policy and standards development (accountability, awar

ID: 3545422 • Letter: S

Question

Select two principles for policy and standards development (accountability, awareness, ethics, multidisciplinary, proportionality, integration, defense-in-depth, timeliness, reassessment, democracy, internal control, adversary, least privilege, continuity, simplicity, and policy-centered security). Examine how these principles would be the same and different for a health care organization and a financial organization.

Determine which type of organization would have the most difficulty implementing the principles you selected. Support your answer.

Explanation / Answer

The responsibility for university-wide IT policy management has been assigned to Information and Infrastructure Assurance (IIA). This includes:

The IT policy framework covers all campuses, including Flint, Dearborn, and the Health System; unit-level policies and guidelines (including for the Flint and Dearborn campuses) are out of scope. University IT policies apply to all users of U-M IT resources, including students1, faculty, staff, and sponsored or guest users.

The IT policy structure and process employ the following principles:

The roles and responsibilities defined below represent the staff positions or groups most directly involved in IT policy development.

Chief Information Officer (CIO): The CIO has overall responsibility for IT policy and policy development atU-M, and approves new and revised standards and guidelines based on the recommendation of the Executive Director.

IIA Council: The Council provides ongoing oversight and direction for IT policy program; sets policy development priorities; and reviews and approves new or revised policies as the first level of governance approval.

Chief Information Security Officer (CISO)/IIA Executive Director: The CISO works with the IT Policy Manager and Lead to ensure alignment of the IT Policy program with strategic ITS and NextGen Michigan objectives and priorities. The Executive Director also serves as the liaison between the IIA staff managing the IT policy function and the CIO, the IIA Council, and the IT Council.

IT Policy and Compliance Staff: IT policy and compliance staff provide overall direction for the IT policy function, including responsibilities for identifying and prioritizing policy needs, ensuring appropriate campus involvement in policy development, and conducting research and benchmarking for emerging policy development.

The IT Policy and Compliance Lead provides day-to-day staff support for the policy development function, serves ex officio on policy development working groups, and plans and executes policy education and awareness efforts. Specifically, this includes managing an annual review and analysis of existing policies, standards, and guidelines for continued applicability and effectiveness; interpretation of current policies in response to unit/departmental inquiries or specific incidents.

The IT governance structure established in 2010 is intended to set campus-wide priorities for IT services, resources, and facilities. An important foundation in support of these priorities involves reestablishing a campus-wide IT policy function.

The IT policy function shall reside with the Office of the Chief Information Officer, with delegated responsibilities to Information and Infrastructure Assurance for policy development, coordination, education, and maintenance.

The following identifies the different levels of governance review and vetting of policies, standards and guidelines (initially drafted by IT policy development working groups):

CISO/IIA Executive Director: Initial review of policies, guidelines, and standards

IIA Council: First level of governance review for IT policies, standards, and guidelines

CIO: Second level of governance review for IT policies; final approval of guidelines and standards before adoption and dissemination to campus

IT Council: Third level of governance review for IT policies; new or substantially revised policies require IT Council approval

IT Executive Committee: Final level of governance review for IT policies; policies recommended for adoption as a new or revised Standard Practice Guide require approval of the IT Executive Committee.

Campus stakeholders will be engaged throughout the IT policy development process

Related Questions

Select the true statements about protein secondary structure. Select the true st
Question #963866
Select the true statements about x-ray crystallography and NMR. (There is more t
Question #889072
Select the true statements below regarding the ATP synthase. The g subunit is as
Question #23996
Select the true statements from list below. Accuracy is how close a series of me
Question #1411080
Select the true statements from the following: Al 2 O 3 (s) is insoluble in wate
Question #891997
Select the true statements regarding ions, electrolytes, and free radicals. Chec
Question #162768
Select the true statements: F. In a structural induction proof, to show that a s
Question #3167598
Select the two objectives to keep in mind when designing a good experiment. A) R
Question #3053404
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Select two pages at random from your favorite literary book, and for each word o
Next
Select two print advertisements for products from the same product category, but

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.