Information security policy practices and standards, Computer Network Security


Management from all the communities of interest should consider policies as basis for all information security efforts. Policies direct that how issues should be addressed and technologies to be used. The Security policies are least costly controls to execute but most difficult to implement properly, as shaping policy should never conflict with laws& should be properly administered through dissemination.

Policy is plan of action used by organization to convey the instructions from management to those who make decisions and then perform duties. These are organizational laws.

Standards are more detailed statements of what should be done to comply with policy. Practices, procedures and guidelines explain how to comply with the policy. For a policy to be effective, it should be properly disseminated, read, understood and agreed by all members of the organization. The following Figure shows policies as the force which drives standards, which in turn drive guidelines.









                                           Policies, Standards, and Practices



Posted Date: 10/9/2012 2:58:43 AM | Location : United States

Related Discussions:- Information security policy practices and standards, Assignment Help, Ask Question on Information security policy practices and standards, Get Answer, Expert's Help, Information security policy practices and standards Discussions

Write discussion on Information security policy practices and standards
Your posts are moderated
Related Questions
PARITY BIT: A parity bit is an extra bit transmitted with data item select to give the resulting bit odd or even parity. For example an even parity data packet 10100001 has p

You are free to design the format and structure of the routing table kept locally by each node and exchanged among neighboring nodes. 1. Upon the activation of the program, each

How safe is the encryption of virtual private networks?

Using the selected approach, you should then conduct an audit or review of the information security issues associated with the use of computing facility and report on the findings.

TCP and UDP End-to-end delivery application is connection less. The basic function of connectionless service are as given: It adds extension of LAN abstraction. It has simp

a) Define the term "Enterprise Network". b) Briefly discuss the similarity and differences between a switch and a router. c) A company XYZ has been renting the 1 st Floor of

Question: (a) Explain and illustrate with a drawing the three-layer feedforward multilayer perceptron neural network. (b) Summarize the standard backpropagation algorithm in

QUESTION: a) Explain four issues that are generally addressed in the Needs Analysis phase in the building-block approach to network design. b) Sketch a typical hybrid star-b

what is computer network?

Question: (a) Data on four variables are stored in a file called file1.dat. The first line of the file is the variable names f, x, y and z. Give the R commands to (i) read t