Information security policy practices and standards, Computer Network Security

INFORMATION SECURITY POLICY PRACTICES AND STANDARDS

Management from all the communities of interest should consider policies as basis for all information security efforts. Policies direct that how issues should be addressed and technologies to be used. The Security policies are least costly controls to execute but most difficult to implement properly, as shaping policy should never conflict with laws& should be properly administered through dissemination.

Policy is plan of action used by organization to convey the instructions from management to those who make decisions and then perform duties. These are organizational laws.

Standards are more detailed statements of what should be done to comply with policy. Practices, procedures and guidelines explain how to comply with the policy. For a policy to be effective, it should be properly disseminated, read, understood and agreed by all members of the organization. The following Figure shows policies as the force which drives standards, which in turn drive guidelines.

 

 

1242_INFORMATION SECURITY POLICY PRACTICES AND STANDARDS.png

                   887_INFORMATION SECURITY POLICY PRACTICES AND STANDARDS.png

 

 

 

 

                                           Policies, Standards, and Practices

 

 

Posted Date: 10/9/2012 2:58:43 AM | Location : United States







Related Discussions:- Information security policy practices and standards, Assignment Help, Ask Question on Information security policy practices and standards, Get Answer, Expert's Help, Information security policy practices and standards Discussions

Write discussion on Information security policy practices and standards
Your posts are moderated
Related Questions
QUESTION (In this question, you will need to use the ISO 27001:2005 and ISO 27002:2005 standards) For each of the situations below, comment on the following: 1. Mention

FRAME FORMAT AND ERROR DETECTION The changed frame format also adds CRC. If there is an error happened in frame, then it typically causes receiver to removed frame. The frame

Problem 1: What does the SNMP access policy show? SNMP community diagram SNMP access policy Problem 2: Does there exist any formal functional specificat

Discuss the risks of having a single root user

Problem: (a) What do you meant by Network Address Translation (NAT)? Why is it used? (b) Given the following information by your ISP about your newly acquired Frame Relay c

Maximum Transmission Unit  (MTU) Each hardware method specification adds the definition of the maximum size of the frame data area, which is known the Maximum Transmission Uni

Describe the salient features of the multimedia. Also explain the applications of it. Multimedia can be understood as follows: Multimedia is on the whole a media which makes

Problem (a) IT Service Support within the ITIL framework is divided in a number of processes. Compare and contrast the following processes: i. Incident Management and Problem M

(a) Describe RSA encryption. (b) For an RSA encryption the values of the primes are: p=29, q=31. select e=11, evaluate the public and private keys. (c) How can RSA be used fo

QUESTION a) "Two of the key attributes of an enterprise network is that it have to be multi-platform and multisite." Decribe what you understand by this statement. b) A