Information security policy practices and standards, Computer Network Security

INFORMATION SECURITY POLICY PRACTICES AND STANDARDS

Management from all the communities of interest should consider policies as basis for all information security efforts. Policies direct that how issues should be addressed and technologies to be used. The Security policies are least costly controls to execute but most difficult to implement properly, as shaping policy should never conflict with laws& should be properly administered through dissemination.

Policy is plan of action used by organization to convey the instructions from management to those who make decisions and then perform duties. These are organizational laws.

Standards are more detailed statements of what should be done to comply with policy. Practices, procedures and guidelines explain how to comply with the policy. For a policy to be effective, it should be properly disseminated, read, understood and agreed by all members of the organization. The following Figure shows policies as the force which drives standards, which in turn drive guidelines.

 

 

1242_INFORMATION SECURITY POLICY PRACTICES AND STANDARDS.png

                   887_INFORMATION SECURITY POLICY PRACTICES AND STANDARDS.png

 

 

 

 

                                           Policies, Standards, and Practices

 

 

Posted Date: 10/9/2012 2:58:43 AM | Location : United States







Related Discussions:- Information security policy practices and standards, Assignment Help, Ask Question on Information security policy practices and standards, Get Answer, Expert's Help, Information security policy practices and standards Discussions

Write discussion on Information security policy practices and standards
Your posts are moderated
Related Questions
Example : UCSF Medical Center In the year 2002, the University of California, San Francisco (UCSF) Medical Center received an email message from someone who claimed to be a doct

Is standard TCP effective in mobile wireless networks that operate with the IEEE 802.11 wireless local area network protocol?Discuss the issue

How much would it cost to have a project completed by tomorrow night?

QUESTION A small ISP requests your help. The technicians report that they have had no downstream access to the Internet. They believe the problem lies with their access provide

CRC in matlab

TCP-RELIABLE TRANSPORT SERVICE INTRODUCTION:  TCP is the major transport protocol architecture in the TCP/IP suite. It uses unreliable datagram function offered by IP whe

Question: (a) Distinguish between a mobile agent "state" and "code". (b) Differentiate between "weak" and "strong" mobility. (c) Mobile agent systems are known to have

Q. Develop a completely secure WSN based on the triple key? Wireless network is the most vulnerable type of network to security attack. Unauthorized access to wireless network

Question: a) You are using Active Directory Users under Windows Server 2003 and Computers to configure user objects in your domain, and you are able to change the address and

TCP and UDP End-to-end delivery application is connection less. The basic function of connectionless service are as given: It adds extension of LAN abstraction. It has simp