Information security policy practices and standards, Computer Network Security

INFORMATION SECURITY POLICY PRACTICES AND STANDARDS

Management from all communities of interest should consider policies as the basis for all information security efforts. Policies direct how issues should be addressed and technologies used. Security policies are the least costly controls to execute but the most difficult to implement properly, because a policy should never conflict with laws and should be properly administered through dissemination.

A policy is a plan of action used by an organization to convey instructions from management to those who make decisions and then perform duties. Policies are organizational laws.

Standards are more detailed statements of what should be done to comply with policy. Practices, procedures and guidelines explain how to comply with the policy. For a policy to be effective, it should be properly disseminated, read, understood and agreed to by all members of the organization. The following figure shows policies as the force that drives standards, which in turn drive guidelines.

 

 

Figure: Policies, Standards, and Practices

 

 

Posted Date: 10/9/2012 2:58:43 AM | Location : United States






