StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...

Information Security Management - Essay Example

Cite this document
Summary
Full Paper Title Name University 1 7 steps for Contingency Planning defined by NIST The first step is to create a contingency planning policy statement that provides the ability and supervision for developing an efficient contingency plan. The second step is related to business impact analysis (BIA)…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER92.7% of users find it useful
Information Security Management
Read Text Preview

Extract of sample "Information Security Management"

Download file to see previous pages

The fourth step is associated with creating contingency strategies. In the fifth step, information technology contingency plan is developed. The sixth step involves training, testing, and exercise. A maintenance plan document is developed, in the seventh step. The recommended standard approach to the process is to combine the both system development and life cycle (SDLC) risk management contemplation for the process of contingency planning. 2 Incident Response Planning Steps The incident response planning is associated with detailed set of processes and procedures which mitigate, detect and foresee the scope of an unexpected event directly impacting on information resources and assets.

Incident Detection Identifying the incident to determine whether the incident has occurred due to routine operations or it is the occurrence of an actual incident. The identification of incidents, also known as incident classification, is related to analyze the originality of an actual incident. However, reports from system administrators, including intrusion detection systems, anti-virus software may facilitate to incident classification. Incident Response After the identification of actual incident, the incident response personnel follow with a responsive approach.

Likewise, the responsive approach includes informing to key personnel, allocating tasks and documenting the incident. Incident Escalation If the incident response team cannot contain the incident, the impact of the incident is significantly out of reach. Prioritizing business processes as per business impact is essential. For instance, (fraud risk management server) in a bank stops responding, the business impact will be ‘most critical’. Incident Recovery After the containment of the incident, the process of incident recovery initializes.

The incident response team must comply with “What to do to recover from the incident”. The team must restore services, backup data, continuously monitor the effected system etc. 3 Criteria for Law Enforcement Agencies The law enforcements agencies should be involved if any incident violates civil and criminal law. It is the sole responsibility of the organization to inform law enforcement agencies. However, the involvement of ‘what type of enforcement agencies’ relates to the type of crime conducted.

4 Why businesses Continuity Plans are tested and rehearsed? Plans are tested and rehearsed to ensure that the ongoing projects meet the changing needs of the organization. Secondly, the plans are also tested and rehearsed to ensure that the capacity of organization is compliant with all the applicable regulations. 5 Summary for Special Publication (SP) 800-34 Contingency Planning Guide For federal information system contingency planning, this publication provides recommendations, instructions, and considerations.

Contingency planning is associated with the intermediate control measures for incidents related to information system services, which may occur due to interruption. The intermediate controls consist of recovery of information systems function by utilizing equipments exchange, performance of information systems, and relocation of information systems. This guide addresses contingency planning to three platforms. The platforms are Client / Server Architecture, mainframe systems and Telecommunication systems.

Moreover, the guide provides seven progressive steps for contingency planning process. The 7 steps are: Contingency plann

...Download file to see next pages Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Information Security Management Essay Example | Topics and Well Written Essays - 1250 words”, n.d.)
Retrieved from https://studentshare.org/environmental-studies/1410868-information-security-management
(Information Security Management Essay Example | Topics and Well Written Essays - 1250 Words)
https://studentshare.org/environmental-studies/1410868-information-security-management.
“Information Security Management Essay Example | Topics and Well Written Essays - 1250 Words”, n.d. https://studentshare.org/environmental-studies/1410868-information-security-management.
  • Cited: 0 times

CHECK THESE SAMPLES OF Information Security Management

Successful information security management

Successful Information Security Management involves an amalgamation of prevention, detection and response in order to deploy a strong security defense.... Information security incident handling takes a stride forward in the Information Security Management procedure.... hellip; A system should also be able to counter incidents and raise proper procedures in case an information security incident occurs.... Security incident management facilitates the development of security incident handling and planning including preparation for detection and reply to information security issues....
9 Pages (2250 words) Research Paper

Research Project : Information Security Management

Instructor Institution Date information security Introduction Information systems have increasingly come under attack from various security threats.... Information stored in computer systems is often under attack from different information security threats coming from different sources.... Threats to information security often gain access to the information stored in computer systems and manipulate the data and information rendering it meaningless and useless to the owners of the information while in some cases benefiting the sources of the information security threats (Stephen, et al, 106)....
3 Pages (750 words) Research Paper

Information Security Management of BS 7799

This paper "Information Security Management of BS 7799" focuses on the fact that BS 7799 is the most influential globally recognised standard for Information Security Management systems around the world.... BS7799, which now has the international number ISO 27001:2005, is the international best practice Information Security Management standard, defining and guiding Information Security Management System development.... Part 1 (the original Code of Practice) of the revised BS7799 standard was re-titled "Code of Practice for Information Security Management" and provides guidance on best practices in Information Security Management....
6 Pages (1500 words) Case Study

Information Security Management

In addition, the investigation showed that when the attackers entered into their network, the Target's security team was able to determine only some of their actions.... However, the security team carefully evaluated their actions and responded accordingly.... Though, Target uses a very useful tool known as FireEye that repeatedly removes malicious code or software, however the Target's security team had turned it off before this attack (KrebsonSecurity)....
4 Pages (1000 words) Research Paper

Information Security Management Standards

This report "Information Security Management Standards" discusses the system that my organization has settled upon, highlighting all its features and how this new security plan will ensure that the organization does not lose or have data distorted from an invasion or crushing of the system.... This forces the organization to constantly refresh the information security systems every often to ensure that the system is not compromised (Humphreys, 2008).... To that effect, the organization funded research into the most appropriate information security system, with all the desirable security features....
13 Pages (3250 words) Report

Comparisons of Information Security Management Frameworks

Information management security frameworks are developed founded on a structured set of independent recommendations, processes as well as practices predominantly from the Information Security Management System Standard (ISO 27001).... Some of the benefits of possessing frameworks for Information Security Management include the fact that they create a secure and well-arranged working environment while at the same time protecting information and information assets....
4 Pages (1000 words) Research Paper

Information security management framework

It is an overall description of the Topic: Information Security Management Framework Security Policies, Standards and Guidelines So that information can be protected, organizations and businesses are supposed to execute regulations and controls concerned with safeguarding of information as well as the systems used for the storage and processing the information.... This is typically achieved through executing information security policies along with standard and guidelines....
1 Pages (250 words) Research Paper

Information Security Management in the USA

The basic issue in the paper “Information Security Management in the USA”, which the author has chosen for discussion is information hacking.... Thus, an organized collection of procedures, people and information technology (IT) structure that protects decisive systems and information, and secure them from inside as well as outside intimidations is known as Information Security Management (ISM) (Sipior & Ward, 2008), (Northern Illinois University, 2007) and (Grimaila, 2004)....
10 Pages (2500 words) Dissertation
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us