Answer to Question 1
Any combination of the following.
1. Create and communicate an enterprise software security framework: The roles, functions, responsibilities, operating procedures, and metrics to deal with security threats and attacks must be clearly defined and communicated to all involved staffs.
2. Knowledge management training: To create a culture for enforcing IT security, an organization should improve the security knowledge of its IT staff and community of users: security policy, standards, design and attack patterns, threat models, etc.
3. Secure the information infrastructure: Along the IT-enabled business process or workflow, security checks using external programs should be identified to allow for monitoring and controls.
4. Assure internal security policy and external regulator compliance: The organization should make sure that, based on IT risk assessment, security requirements are translated into features of the software design to resist attack.
5. Governance: In any project that involves security, security experts must be called upon to participate in the design and implementation process of the system development or maintenance. Proper procedures should be clearly defined before any security breach occurs.
Answer to Question 2
A
The organization of nucleotide sequences in bacterial chromosomal DNA.
Steps toward a Genetic Map
Steps of Infection via Viruses
Typical Organization of the CPT Manual
Example of Tabular List organization levels and formatting.
Simplified diagram of information flow (the central dogma) from DNA to RNA