Self-Exercises Information Security Governance Discuss why do we need information security govemance, and give examples Discuss and explain the negative features demonstrated by an organization that has not adopted information security governance, and give examples Discuss the chalenges of ineffective information security governance, and give examples Discuss and describe the requirement for an efective information security program, and give examples s. Discuss and describe the key elements when building an information security program based or ISO 17799, and give examples 6 Discuss the differences between a top-down security program approach and a bottom-up approach, and give examples. Discuss the benefits of information security govemance, and give examples Dicuss on how to govern information security, and give examples. Among the best practices in managing personnel in the context of information security 7. 8 a) Least Privilege b) Mandatory Vacations c) Job Rotation d) Separation of Duties Discuss each of the concepts above, and give examples