Information security policy practices and standards, Computer Network Security

INFORMATION SECURITY POLICY PRACTICES AND STANDARDS

Management from all the communities of interest should consider policies as basis for all information security efforts. Policies direct that how issues should be addressed and technologies to be used. The Security policies are least costly controls to execute but most difficult to implement properly, as shaping policy should never conflict with laws& should be properly administered through dissemination.

Policy is plan of action used by organization to convey the instructions from management to those who make decisions and then perform duties. These are organizational laws.

Standards are more detailed statements of what should be done to comply with policy. Practices, procedures and guidelines explain how to comply with the policy. For a policy to be effective, it should be properly disseminated, read, understood and agreed by all members of the organization. The following Figure shows policies as the force which drives standards, which in turn drive guidelines.

 

 

1242_INFORMATION SECURITY POLICY PRACTICES AND STANDARDS.png

                   887_INFORMATION SECURITY POLICY PRACTICES AND STANDARDS.png

 

 

 

 

                                           Policies, Standards, and Practices

 

 

Posted Date: 10/9/2012 2:58:43 AM | Location : United States







Related Discussions:- Information security policy practices and standards, Assignment Help, Ask Question on Information security policy practices and standards, Get Answer, Expert's Help, Information security policy practices and standards Discussions

Write discussion on Information security policy practices and standards
Your posts are moderated
Related Questions
(a) Describe the concept of zero knowledge proofs. Give a practical example. (b) Explain how a one way hash function works. (c) What are message authentication codes? (d)


Risk Management Discussion Points Organizations should define level of risk it can live with Risk appetite: it defines quantity and nature of risk which organizations are wil

What is information security Information security protects information (and facilities and systems which store, use and transmit it) from a broad range of threats, in order to p

Question 1 a) Provide three advantages of using optical fiber. b) Distinguish between "Direct Sequence Modulation" and "Frequency Hopping" c) Decribe the purpose of using "

Confidentiality Confidentiality of information ensures that only those with sufficient privileges may access specific information. When unauthorized individuals can access inform

how can you enter the ASVAB practice test on line?

Hello i have submitted an assignment and i am still waiting to know if it has been accepted or not the ref number is TicketID: EM201381BRY525CN, the due date is for monday 27th of

Social Network development in Java: Project Title: SUGGESTLOCAL (Nov 2006-April 2007) Role             : Developer Domain        : Social Network Client          :

RSA Block and Vernam Stream Ciphers This assignment involves writing two small Python scripts and a report. Before you start you must download the ?le summarysheets.zip from th