Learning Objectives and Outcomes
- Understand the importance of information security
- Identify the controls or situations within the discussions.
Assignment Requirements
- Discuss and describe the CIA Triad.
- What are the requirements to hold a person accountable for the actions of their user account?
- Name the six primary security roles as defined by (ISC)² for CISSP.
- What are the four components of a complete organizational security policy and their basic purpose?
Use this step-by-step guide to help students clearly structure and write their assignment on the CIA Triad, accountability requirements, CISSP security roles, and organizational security policies.
✅ Step-by-Step Guide for Completing the Assignment
Step 1: Start With a Strong Introduction
Your introduction should briefly explain:
- The importance of information security
- Why organizations must protect data
- How frameworks like the CIA Triad and defined security roles help ensure safe operations
Keep it to one concise paragraph that previews the topics you will cover.
Step 2: Explain the CIA Triad
Create a section titled “The CIA Triad” and describe each component:
1. Confidentiality
- Ensures information is protected from unauthorized access
- Includes encryption, access controls, authentication
2. Integrity
- Ensures data is accurate, unchanged, and trustworthy
- Includes hashing, file permissions, version control
3. Availability
- Ensures information and systems are accessible when needed
- Includes redundancy, backups, uptime monitoring, disaster recovery
Use examples to demonstrate your understanding.
Step 3: Describe What Is Required to Hold a User Account Holder Accountable
Create a section titled “User Accountability Requirements.”
Explain that a person can be held accountable only when:
- Identification – The user has a unique identity (e.g., username).
- Authentication – Proof the user is who they claim to be (password, MFA, biometrics).
- Authorization – The user receives specific permissions.
- Auditing/Logging – Actions are traceable back to the specific user.
Clarify that accountability depends on controls being in place to prove who performed which actions.
Step 4: List and Describe the Six Primary Security Roles per (ISC)² CISSP
Use a section titled “Six Primary Security Roles (ISC)² CISSP.”
List and briefly describe each role:
- Senior Management – Ultimately responsible for security; approves policies.
- Security Administrator – Implements, manages, and enforces security controls.
- Security Officer – Oversees daily security operations and compliance.
- User – Follows policies and uses systems responsibly.
- Owner (Data Owner) – Determines data classification and access rules.
- Custodian – Maintains and protects data according to the owner’s direction.
Provide real-world examples where possible.
Step 5: Explain the Four Components of a Complete Organizational Security Policy
Create a section titled “Components of an Organizational Security Policy.”
Describe the four essential components and their purpose:
1. Program Security Policy
- High-level, organization-wide guidance
- Defines security goals and management’s commitment
2. Issue-Specific Security Policy
- Covers specific topics (e.g., email use, internet access, password policy)
3. System-Specific Security Policy
- Covers configuration and security requirements for particular systems or technologies
4. Procedures and Standards (Implementation Policies)
- Provide step-by-step instructions and requirements to enforce policies
- Ensure consistency, compliance, and clarity
Explain how these work together to support a complete organizational security posture.
Step 6: Write a Brief Conclusion
End with a strong concluding paragraph summarizing:
- Why information security is critical
- How the CIA Triad, accountability controls, system roles, and organizational policies all work together
- The importance of structured roles and clear policies in protecting data
📚 Helpful Resources You Can Use
Information Security Foundations
- NIST Cybersecurity Framework: https://www.nist.gov/cyberframework
- ISO/IEC 27001 Security Standards: https://www.iso.org/isoiec-27001-information-security.html
CIA Triad & Security Concepts
- SANS Institute – Security Resources: https://www.sans.org/white-papers/
CISSP Role Definitions
- (ISC)² CISSP Reference: https://www.isc2.org/certifications/CISSP
Security Policies & Governance
- NIST SP 800-12 Rev. 1 – An Introduction to Information Security: https://csrc.nist.gov/publications/detail/sp/800-12/rev-1/final