User Account

All Pages

Many organization struggle with writing policies

Assignment Help Computer Networking
Reference no: EM13763469

Question number 1.

Information Security Policy. An Information Security Policy is the cornerstone of an Information Security Program. It should reflect the organization's objectives for security and the agreed upon management strategy for securing information.

In order to be useful in providing authority to execute the remainder of the Information Security Program, it must also be formally agreed upon by executive management. This means that, in order to compose an information security policy document, an organization has to have well-defined objectives for security and an agreed-upon management strategy for securing information. If there is debate over the content of the policy, then the debate will continue throughout subsequent attempts to enforce it, with the consequence that the Information Security Program itself will be dysfunctional.

Many organizations struggle with writing applicable policies that are relevant to their changing environments. There are a plethora of security-policy-in-a-box products on the market, but few of them will be formally agreed upon by executive management without being explained in detail by a security professional. This is not likely to happen due to time constraints inherent in executive management. Even if it was possible to immediately have management endorse an off-the-shelf policy, it is not the right approach to attempt to teach management how to think about security. Rather, the first step in composing a security policy is to find out how management views security. As a security policy is, by definition, a set of management mandates with respect to information security, these mandates provide the marching orders for the security professional. If the security professional instead provides mandates to executive management to sign off on, management requirements are likely to be overlooked.

why do you think many organization struggle with writing policies?

question number 2

In the attached white paper it states:

As computers become more common place in homes, and more necessary in businesses of all types, the incidence of information security related breaches has grown accordingly. Where once only large corporate environments were susceptible to attack, increasingly individuals and small business networks are being targeted. It is not, however, only from outside that these attacks originate; consider the following scenario:

"A man comes home from work and sits down at the family computer to update is checkbook. After double-clicking on the program icon, he receives a message that his data file cannot be found; further searching reveals that the file no longer exists. Asking his wife if she knows anything about the problem, he is told, "The kids were playing around on the computer earlier today." Interrogation of his children reveals that they had deleted his checkbook file because they, "...needed more space on the hard drive for games."

While this illustration is not based on any known incident, it is certainly a plausible situation, and demonstrates the need for information security even at the individual level. What can be done to mitigate the risk of an information security incident, and how should people approach the task? After reading the attached white paper do you feel the information that is connected to the Internet can ever be secure ? Will we ever be able to mitigate vulnerability to an acceptable level?

Reference no: EM13763469

Questions Cloud

Analysis to measure profitability and liquidity : Write a paper of no more than 1250 words in which you conduct a comparative and ratio analysis to measure profitability and liquidity.
Most powerful tools available for managers : Managerial accounting is all about making informed decisions. Cost-volume-profit (CVP) analysis is one of the most powerful tools available for managers to crunch numbers, gain a thorough understanding of a situation, and perform a what-if analysi..
In what situations terminated employee have no recourse : What are the possible legitimate reasons for which an employee can challenge a wrongful termination? In what situations does a terminated employee have no recourse
Planning phase of the management process : How do managers use the concept of cost-benefit during the planning phase of the management process and how do managers use the concept of cost-benefit during the performing stage of the management process?
Many organization struggle with writing policies : Information Security Policy. An Information Security Policy is the cornerstone of an Information Security Program. It should reflect the organization's objectives for security and the agreed upon management strategy for securing information.
Description of the criminal offender : In your assignment, provide a description of the criminal offender, including the type of crime committed and the charge handed down by law enforcement
Discuss works written by major nineteenth century authors : Discuss works written by major nineteenth century authors. Discuss biographical details of specific major American authors from the nineteenth and twentieth centuries.
How ny residents and nonresidents are taxed : How NY residents and nonresidents are taxed, including the source of income principal and whether the taxpayer is a NY resident or nonresident for the year(s) at issue;
Should the gun be admitted as evidence : Police were investigating a shooting death outside a cafe in Dallas, Texas. Defendant Ortez had left the scene of the shooting and had returned to his boardinghouse to sleep. Should the gun be admitted as evidence

Reviews

Write a Review

Computer Networking Questions & Answers

  A rural medical centre in australia plans to improve its

a rural medical centre in australia plans to improve its services to the community by providing telemedicine and

  Window-based reliable data transfer over udp homework

homework for window-based reliable data transfer over udp. can you help? ltbrgti need a tutor to understand how this

  Find data transmission rate in bits per second of system

Assume that the airliner carries 10,000 kg of those floppies at the speed of 1000 km/h over the distance of 5000 km. Determine the data transmission rate in bits per second of this system?

  Design and implement a basic file transfer protocol

A subclass of TransferJob that performs an FTP upload of a file to the remote host.

  Question 1a what are the indispensable ingredients of a

question 1a what are the indispensable ingredients of a symmetric cipher?b what are the two basic meanings used in

  What are the similarities in wan''s and lan''s

Compare WAN's and LAN's. What are the similarities, what are the differences. What special considerations must you remember when planning a WAN

  Current ethical and legal concerns

Evaluate the current ethical and legal concerns surrounding your topic. Compose an executive summary highlighting the paper's contents and reasoning for your chosen topic

  Remote access networks and vpns

safekeeping posture of enterprise (venture) wired and wireless LANs (WLANs), steps listed in OWASP, Securing User Services, IPV4 ip address, IPV6 address format, V4 address, VPN, Deploying Voice over IP, Remote Management of Applications and Ser..

  Choose to complete a research report

If you choose to complete a research report (not an implementation or a test of a security mechanism) for the assignment, the research report should be of at least 1500 words.

  Explain system gives protection using bell-lapadula policy

A computer system provides protection using the Bell-LaPadula policy. How would a virus spread if: The virus were placed on the system at system low (the compartment that all other compartments dominate)?

  Create the technology survey of lans

Create the technology survey of LANs, which means for each LAN determine (or create): Hardware (# of computers, printers, etc.) CPU architecture (Intel, RISC, etc)

  The purpose of this two-part project is to compute the

the purpose of this two-part project is to compute the students ability to analyze security requirements and prepare a

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd