Information security policy practices and standards, Computer Network Security

INFORMATION SECURITY POLICY PRACTICES AND STANDARDS

Management from all the communities of interest should consider policies as basis for all information security efforts. Policies direct that how issues should be addressed and technologies to be used. The Security policies are least costly controls to execute but most difficult to implement properly, as shaping policy should never conflict with laws& should be properly administered through dissemination.

Policy is plan of action used by organization to convey the instructions from management to those who make decisions and then perform duties. These are organizational laws.

Standards are more detailed statements of what should be done to comply with policy. Practices, procedures and guidelines explain how to comply with the policy. For a policy to be effective, it should be properly disseminated, read, understood and agreed by all members of the organization. The following Figure shows policies as the force which drives standards, which in turn drive guidelines.

 

 

1242_INFORMATION SECURITY POLICY PRACTICES AND STANDARDS.png

                   887_INFORMATION SECURITY POLICY PRACTICES AND STANDARDS.png

 

 

 

 

                                           Policies, Standards, and Practices

 

 

Posted Date: 10/9/2012 2:58:43 AM | Location : United States







Related Discussions:- Information security policy practices and standards, Assignment Help, Ask Question on Information security policy practices and standards, Get Answer, Expert's Help, Information security policy practices and standards Discussions

Write discussion on Information security policy practices and standards
Your posts are moderated
Related Questions
Problem 1: Discuss how TWO of the following gurus have contributed to the Quality Movement, highlighting the major points of their philosophies: (a) Edward Deming (b) Jose

GROWTH OF LAN TECHNOLOGY The production of shared communication channels (LANs) started in 1960s and early 1970. The basic idea behind was to reduce the number of connectio

The best results obtained in the PIIT classes have been when the technique has been used in tutorial groups, rather than have students submit individual reflections on particular c

FRAGMENTATION One method is to limit datagram size to smallest MTU of any server. IP needs fragmentation i.e. datagrams can be divided into pieces to fit in network with small

UDP COMMUNICATION SEMANTICS:  UDP needs IP for all delivery, that is, similar best effort delivery as IP. To use UDP, an application have to either be immune to the causes or

(a) Illustrate what you understand by Nyquist Capacity Theorem? (b) Consider we wish to transmit at a rate of 64 kbps over a 4 kHz noisy but error-free channel. What is the mini

Question (a) Consider that you enter the subsequent URL in the address bar of a popular web client and that both the server and client accepts HTTP version 1.1. i. What can be

IPV6 DATAGRAM FORMAT It is given in the figure below:

DATAGRAM REASSEMBLY Recreation of original datagram is known as reassembly. Ultimate receiver acts reassembly as given below.Fragments can reach out of order. Header bit check

Gateways They transfer packets among network machines that have different protocols (e.g. between a WAN and a LAN). They access a packet formatted for one protocol and change