Information security policy practices and standards, Computer Network Security


Management from all the communities of interest should consider policies as basis for all information security efforts. Policies direct that how issues should be addressed and technologies to be used. The Security policies are least costly controls to execute but most difficult to implement properly, as shaping policy should never conflict with laws& should be properly administered through dissemination.

Policy is plan of action used by organization to convey the instructions from management to those who make decisions and then perform duties. These are organizational laws.

Standards are more detailed statements of what should be done to comply with policy. Practices, procedures and guidelines explain how to comply with the policy. For a policy to be effective, it should be properly disseminated, read, understood and agreed by all members of the organization. The following Figure shows policies as the force which drives standards, which in turn drive guidelines.









                                           Policies, Standards, and Practices



Posted Date: 10/9/2012 2:58:43 AM | Location : United States

Related Discussions:- Information security policy practices and standards, Assignment Help, Ask Question on Information security policy practices and standards, Get Answer, Expert's Help, Information security policy practices and standards Discussions

Write discussion on Information security policy practices and standards
Your posts are moderated
Related Questions
ASSET IDENTIFICATION AND VALUATION This process begins with identification of assets that includes all elements of an organization’s system (people, procedures, data and informa

Question 1 The speech act theory is used as the model for communication among computational agents. Locution, illocution, and perlocution are the 3 aspects of this theory Using

(a) Illustrate what you understand by Nyquist Capacity Theorem? (b) Consider we wish to transmit at a rate of 64 kbps over a 4 kHz noisy but error-free channel. What is the mini

QUESTION 1 Using a real life scenario or context list and set the scene for at least four advantages that an organized incident response program promotes. QUESTION 2 Yo

Electronic Mail: Electronic mail which is famous as e-mail, as it is known to its number of users, has been around for more than two decades. Before 1990, it was mainly used in

Listing Assets in Order of Importance Weighting should be created for each category based on the answers to questions. The relative importance of each asset is calculated usin

Explain the architecture of ISDN.....?

Use the Chinese remainder theorem to evaluate x from the following simultaneous congruences: x ≡ 1 (mod 2); x ≡ 2 (mod 3); x ≡ 3 (mod 5). Calculate gcd(14526, 2568). (

There are various benefits related with providing the security. They are given below,  (i)  Confidentiality/ Privacy (ii)  Integrity  (iii) Availability (iv)Authenticatio

Problem (a) Below is a capture of an Ethernet II frame which contains an IPv4 packet and a TCP segment. The second screen capture is from the data portion of the frame.