Submit a 800- to 1000-word paper that fully addresses the following questions. (With a typical font and spacing this will be between 3 and 4 pages). You are highly encouraged to use the assigned readings as a primary reference and to cite your references liberally. (Properly document all sources using APA format.)
You are also encouraged to use first- and second-level headers for clear organization. Be concise and objective (as appropriate) in your paper. When you are defending a solution, subjectivity is appropriate. However, your approach should always be scholarly.
In your paper, address the following questions:
Explain the terms information security, security governance, and information security management and distinguish between them.
Describe and explain what a top-down management approach is and why this approach is valuable for an information security management program.
Describe and explain what ROI on security is; tell why this important for an information security program.
Hls 625 Module Paper 1: Information Security Management Name Institution Date Information Security Management Information security is an act or practice of protecting information, and data from unauthorized access, use, destruction, modification, disruption, and disclosure. Information security is a strategy that comprises all the tools and processes required to detect and prevent data from threats. Several processes and policies are involved in order to detect and prevent malicious practice. Security governance is a set of many disciplinary structures, procedures, processes, policies, and control, which is implemented to manage information. Information governance is done at enterprise levels so as to support operational requirements, legal, risk, and future regulatory of an organization. Security governance is a system of IT security that is directed and controlled by an organization, and is there to ensure that security strategies can cope with the business objectives and are compatible with the regulations (Yaokumah & St