Information security policy practices and standards, Computer Network Security

INFORMATION SECURITY POLICY PRACTICES AND STANDARDS

Management from all the communities of interest should consider policies as basis for all information security efforts. Policies direct that how issues should be addressed and technologies to be used. The Security policies are least costly controls to execute but most difficult to implement properly, as shaping policy should never conflict with laws& should be properly administered through dissemination.

Policy is plan of action used by organization to convey the instructions from management to those who make decisions and then perform duties. These are organizational laws.

Standards are more detailed statements of what should be done to comply with policy. Practices, procedures and guidelines explain how to comply with the policy. For a policy to be effective, it should be properly disseminated, read, understood and agreed by all members of the organization. The following Figure shows policies as the force which drives standards, which in turn drive guidelines.

 

 

1242_INFORMATION SECURITY POLICY PRACTICES AND STANDARDS.png

                   887_INFORMATION SECURITY POLICY PRACTICES AND STANDARDS.png

 

 

 

 

                                           Policies, Standards, and Practices

 

 

Posted Date: 10/9/2012 2:58:43 AM | Location : United States







Related Discussions:- Information security policy practices and standards, Assignment Help, Ask Question on Information security policy practices and standards, Get Answer, Expert's Help, Information security policy practices and standards Discussions

Write discussion on Information security policy practices and standards
Your posts are moderated
Related Questions
IP DATAGRAM SIZE:  Datagrams may have different sizes i.e. Header area is generally fixed (20 octets) but can have various options. Data area may contain between 1 octet and 6

Question: (a) Data on four variables are stored in a file called file1.dat. The first line of the file is the variable names f, x, y and z. Give the R commands to (i) read t

Da t a compre s sion and the trans p ort s e rvices,   The main purpose of the transport layer is to provide services which are efficient, reliable and cost-effecti

What is the concept of topology?

RING topology all computers are connected in loop. A ring topology is a network topology in which every node connects to exactly two other devices, forming a single continuous pa

Discuss how developers should apply the following countermeasures to improve the security of their code:

Q. Develop a completely secure WSN based on the triple key? Wireless network is the most vulnerable type of network to security attack. Unauthorized access to wireless network

Write down the significance of the syntax conversion . Syntax Conversion is described below: Syntax conversion is a significant function carried out in the presentation layer. I

Improving domain blacklisting: Current domain blacklisting techniques are not very effective as spammers keep replacing blacklisted domains with newly registered domains. Also

QUESTION : a) A datagram of 3000 bytes has to travel over a network with a MTU size of 1000 bytes. Describe how fragmentation can be used to solve this problem. You should pr