Based on our discussion from class I wanted to use my profession as an example literacy event. I look forward to or discussions.
Literacy Event: Information Security Risk Assessment
Text Related Practice: Risk assessment report highlighting areas of non-compliance
Tensions: Citations for non-compliance/Marinating Compliance
Professional Development: Certified Information Security Assessor
Historical Content: Fines, Major data breaches such as Sony and Target
Policies and Procedures: Vendor management, Information Security and Compliance policies, Legal Guidance
Personal Content: Ensuring security controls are adequate to prevent unauthorized data exposure or negative impact to critical services
Power: Regulators, OCC, HIPPA, GLBA, PCI, Official Contracts
Resistance: Vendors/Business fails to meet compliance due to personal experience and jeopardize organization security
Identity and Belonging: Audit is on one side and the auditee is on the other.
Side note – My goal as auditor is to always help the business succeed. J