A business consulting firm, InfoGather, is interested in create an information security management framework design to meet its security governance objectives. Specifically,InfoGather is heavily...

INFORMATION SECURITY MANAGEMENT FRAMEWORK
Table of Contents
Introduction    2
Information security management framework    2
Business analysis and risk management    3
Description on methodology    3
Recommend tools for implementation    4
Summary Benefits Analysis    5
Conclusion    5
References    6
Introduction
    IT security framework is the series of processes for defining procedures and policies for ongoing management for information security controls. The study describes implementation of the information security management framework in InfoGather that is a business consultancy organization. The framework ensures securing the organization against risk like text, email and other external sources. The framework can be used for prioritizing and defining tasks that are required for managing the security. It supports the specific requirements defined in regulations.
Information security management framework
    The information security management framework includes the process for maintaining and establishing a framework for providing the assurance that information security strategy can be aligned for supporting business objectives. It includes applicable regulation and laws for adhering to internal and policies control for providing responsibility with the effort for managing risk (Alzahrani & Seth, 2021). In InfoGather, it is important to define responsibilities in the organization for accepting and understanding the responsibility in the respect of demand. The strategy for implementation of security management takes into account the future and current capabilities of IT. Senior managers should be involved in establishing the information for security governance and it requires appropriate trained individuals. It includes security priorities that should be communicated with stakeholders for ensuring successful implementation of the security program. The plan should be integrated with management activities for the enterprise that includes enterprise architecture, strategic planning and capital planning. The structure should be appropriate for supporting and required continuous monitoring of performing using tools and information.
Business analysis and risk management
    InfoGather is a business consulting firm and has the requirements for development of information security management framework that is designed for security governance objectives. The company is heavily reliant on the information that is gathered and data is analyzed through internet sources from social media to websites....