Audit or review of the information security issues, Computer Network Security

Using the selected approach, you should then conduct an audit or review of the information security issues associated with the use of computing facility and report on the findings.  It is important that in conducting this review, issues around the risks associated with the particular circumstances of your facility are appropriately considered.  It is also important that the review extends beyond the simple technical aspects of the situation.

Your report should include the following details:

  • a discussion of the methodology or review approach that you have adopted. You should identify the approach, briefly outline it key features, and you should provide a justification as to why this is an appropriate tool for this assignment. Where you have taken a recognised approach (or combination of approaches) and have modified them to suit the particular circumstances of this review, you should outline any rationale for these modifications;
  • a summary of the tasks undertaken to conduct the review. What steps did you follow in conducting the review? What evidence did you consider in helping you form your views? What tests did you perform in order to verify the answers to key review questions?
  • the findings of your review and recommendations for improvement. What issues from the situation came up looking good in the review, and where was there room for improvement? What things would you change in order to improve the information security environment?
  • a brief reflection on the methodology or review approach, following your experience of applying it to your personal computing facilities. Do you think this approach targeted the right issues? Did it leave anything out that you could see might be a significant information security issue? Did it expect certain security measures that you would regard as being unreasonable (assuming that you have applied the methodology in an appropriate way)? Did the approach allow for an adequate consideration of your risk profile and make allowances for risk management with these issues?
Posted Date: 2/20/2013 2:26:13 AM | Location : United States







Related Discussions:- Audit or review of the information security issues, Assignment Help, Ask Question on Audit or review of the information security issues, Get Answer, Expert's Help, Audit or review of the information security issues Discussions

Write discussion on Audit or review of the information security issues
Your posts are moderated
Related Questions
Hypothetical reliable data transfer protocol: A jumping window based Go-back-N  ARQ protocol for file transfer using UDP as the transport protocol: In this protocol, a window o

You have been asked to setup a remote temperature sensing system for an electric furnace. The system consists of a sensor unit which feeds an analogue signal to a PCM encoder. The

Problem a) Consider a 1000 Mbps Ethernet with a single Store-N-Forward switch mid-way in the path between two nodes A and B. Assume that there are no other nodes on the network

UDP COMMUNICATION SEMANTICS:  UDP needs IP for all delivery, that is, similar best effort delivery as IP. To use UDP, an application have to either be immune to the causes or

Threat Identification After identifying and performing a primary classification of an organization’s information assets, the analysis phase moves onto an examination of threats

Problem 1: Discuss how TWO of the following gurus have contributed to the Quality Movement, highlighting the major points of their philosophies: (a) Edward Deming (b) Jose

Question : a) Below is a capture of an Ethernet II frame which contains an IPv4 packet and a TCP segment. Give the source MAC address for the frame in hexadecimal; the source I

Example : UCSF Medical Center In the year 2002, the University of California, San Francisco (UCSF) Medical Center received an email message from someone who claimed to be a doct

Management of Classified Data Management of classified data comprises of its storage, distribution, portability, and destruction of classified data. All information which is not

Base lining •    Organizations do not have any contact to each other •    No two organizations are identical to each other •    The best practices are a moving target •    K