Answered You can buy a ready-made answer or pick a professional tutor to order an original one.

QUESTION

Discussion TopicThis discussion focuses on mapping cloud security controls to existing frameworks or regulations.You will need to create 1 new thread AND post AT LEAST 2 comments on other students' th

Discussion Topic

This discussion focuses on mapping cloud security controls to existing frameworks or regulations.

You will need to create 1 new thread AND post AT LEAST 2 comments on other students' threads. Here's how to get started:

Download the Cloud Security Alliance (CSA) Cloud Controls Matrix spreadsheet. (A quick Internet search should give you the address of the most current version for download.) Under the "Scope Applicability" heading, select a category that is applicable to the organization for which you work. For example, if your organization handle personal medical data and uses the COBIT framework, you could choose either COBIT or HIPAA/HITECH. Once you select a category, choose  row from "Control Domain" (that no other student has already selected!) Then, create a new thread in this week's discussion with the title from column B (i.e. CCM V3.0 Control ID.) Explain the control domain, how it maps to your chosen scope, and specifically what your organization does to implement the stated control.

If you don't know which scope applies to your organization, just use the University of the Cumberlands (UC) as your organization. As a university, we are under the domain of FERPA, So, is you choose UC, you would need to choose a Control Domain and explain how it maps to FERPA, and how UC implements the controls. 

So, here's an example. Let's suppose I work for a large on-line retailer. We handle payment cards and are therefore under PCI DSS requirements. I'll select BCR-03 control ID (Business Continuity Planning.) So I would create a new thread in this week's discussion with the title "BCR-03." Then I'd explain what BCR-03 is, what it maps to in PCI DSS (4.1, 4.1.1, 9.1, 9.2), and then I'd explain what my organization does to comply with this control requirement. 

Once you create your new thread, you need to find AT LEAST 2 other threads from other students and comment on their threads. Make sure your comments are more than "I agree", or "Good post."

Show more
Geffmurimi
Geffmurimi
  • @
  • 1030 orders completed
ANSWER

Tutor has posted answer for $10.00. See answer's preview

$10.00

*********** ***************** ************************ **** contemporary ********** ** organization uses **** ******* ******* for most of its ******** ************ In **** ******* *** ************ ******* * *** ** ********* **** ** light of *** ************ *** sensitivity ** *** **** *********** *********** *** organization uses PCI *** * ** *** *** ******* ******** of **** The ******* ****** DSI-07 ********* under *** title “Data ******** & *********** ********* Management” espouses to establish *** ****** ********** for secure **** disposal ****** **** into *** *** 31 ** 981 *** * ** ** it ******** **** *** *********** policies *** ********** are *********** ** ensure **** *** *** **** ******* from ******* ******* is *** *********** through *** ***** ** ******** ************ *** *** 31 requires **** *** ******** *** ********* ** **** cardholder **** ** the ******* PCI *** ** ***** *** the *********** ** any **** media when ** ****** needed *** ** *** ******** ******* or ***** ******* *** DSS 981 ***** for *** physical destruction ** data ***** *** *** 982 ******** *** ******** *********** ** ********** ****** organization ******* *** ******** industry ******* ** its ****** ** **** ********* ** ** conducts a quarterly ******** ** **** ** maintain *** ******** ******** *** ********* ** *** ************ *** ********** ** **** **** data **** ** *** ****** ** ******* while *** data in *** ** retained ** ************ ****** ******** ***** ** tax reports **** ***** **** ***** since it **** ** ****** ** relevant for ******** *** ***** reasons ** organization **** shredding ** destroy ********** *********** **** ** paper *** ensures **** *** ******** ****** *** incinerated *** ******* of shredding ** left ** a *** ********* ** ****** *** ************** ** *** process ********** data * the computers are ******* ***** data ******* ******** **** Blancco ** ********* ***** ******** *******

Click here to download attached files: DSI.docx
or Buy custom answer
LEARN MORE EFFECTIVELY AND GET BETTER GRADES!
Ask a Question