Explain the purpose and role of information security policies in an organization and their relationship to auditing.

All submissions should be done through Blackboard only
All submissions should be in PDF format only containing all required elements and must be submitted using Blackboard by the deadline.
Assessed intended learning outcomes
On successful completion of this assessment, you will be able to:
Critically discuss the nature and purpose of information security related risk management and business continuity planning in an organization, including the importance of quantifying risks and assessing the costs and benefits of putting in place risk management measures.
Explain the purpose and role of information security policies in an organization and their
relationship to auditing.
Critically discuss the issues and problems arising in and from the introduction and implementation of information security policies within organizations, strategies for overcoming these, ethical and legal considerations, and mechanisms for ensuring that policies have been successfully embedded in the organization.