This assignment assesses security culture and reviews the GRC security risks.
This unit, Governance, Risk and Compliance (GRC), introduces organizational security by providing a holistic view of how different security fields connect with one another and with the overall needs of an organization.
It shows how effective security controls at various levels of an organization can create a healthy security culture. It also covers performing risk analysis and threat modeling in order to conceptualize, quantify, and communicate the risk of threats to the proper managerial stakeholders.
The scenario for this assignment was as follows:
• Employees at SilverCorp are increasingly using their own personal devices for company work.
• Specifically, over half of all employees check their work email and communications via Slack on their personal mobile phones.
• Another 25% of employees are doing other work-related activities using work accounts and work-related applications on their personal phones.
• Allowing sensitive work information to be shared on employees’ personal devices has a number of security implications.
• You must research these security risks and use the security culture framework to develop a plan to mitigate the concerns.