Free

Information security management framework - Research Paper Example

Comments (0) Cite this document
Summary
So that information can be protected, organizations and businesses are supposed to execute regulations and controls concerned with safeguarding of information as well as the systems used for the storage and processing the information. This is typically achieved through executing…
Download full paperFile format: .doc, available for editing
GRAB THE BEST PAPER93.7% of users find it useful
Information security management framework
Read TextPreview

Extract of sample "Information security management framework"

Topic: Information Security Management Framework Security Policies, Standards and Guidelines So that information can be protected, organizations and businesses are supposed to execute regulations and controls concerned with safeguarding of information as well as the systems used for the storage and processing the information. This is typically achieved through executing information security policies along with standard and guidelines. In this context, security policies are usually written documents, which are supposed to lay out the precise requirements or rubrics that must be adhered to by the employees. It is an overall description of the permissible and impermissible conducts of the employees in the workplace concerning how information is handled. In regards to the security of information and networks, policies typically cover a single aspect such as the acceptable utilization of computing facilities in a learning institution (Singh, 2007).
On the other hand, standards are thorough and comprehensive statements of the aspects that members of an organization are supposed to participate in in order to abide by the set policies. They may exist in the form of requirements specific to systems or procedures, which are supposed to be adhered to by everyone. For instance, the employees may wish to use their personal mobile devices in the workplace; in this case, the standards set for the connection of the mobile devices to the network run by the organization must be adhered to precisely (Laet & Schauwers, 2005). Additionally, guidelines are literally groups of system or procedural specific recommendations that govern nest practices but are not must-follow controls. Nevertheless, reference to standards and guidelines is seen as an efficient and effective aspect of a good security policy. All the documents listed have varying target audiences in a company and thus they are not supposed to be combined into a single document. Rather, there should be a number of documents, which will collectively develop the concept of an information security policy framework thereby making the security policy the most important document overall.
References
Laet, G., & Schauwers, G. (2005). Network security fundamentals. Indianapolis, Ind.: Cisco.
Singh, B. (2007). Network security and management. New Delhi: Prentice-Hall of India. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Information security management framework Research Paper - 2”, n.d.)
Information security management framework Research Paper - 2. Retrieved from https://studentshare.org/information-technology/1689015-information-security-management-framework
(Information Security Management Framework Research Paper - 2)
Information Security Management Framework Research Paper - 2. https://studentshare.org/information-technology/1689015-information-security-management-framework.
“Information Security Management Framework Research Paper - 2”, n.d. https://studentshare.org/information-technology/1689015-information-security-management-framework.
  • Cited: 0 times
Comments (0)
Click to create a comment or rate a document

CHECK THESE SAMPLES OF Information security management framework

Information Security Risk Assessment Framework

...? Computer Sciences and Information Technology Annotated Bibliography Topic: Information Security Risk Assessment Framework and Metrics in the South Australia Real Estate Sector. Supervisor: Information Security Risk Assessment Framework and Metrics in the South Australia Real Estate Sector Australian Prudential Regulation Authority (2010) Prudential Practice Guide: PPG 234- Management of security risk in information and information technology. Web: http://www.apra.gov.au/Policy/upload/PPG_PPG234_MSRIT_012010_v7.pdf. Accessed on 10th April 2012. APRA...
15 Pages(3750 words)Annotated Bibliography

Information security management

...?TMA01 Information security management QUESTION A Before conducting information security risk assessment, there are certain fundamental concepts thatneed to be recalled. One of them is a Threat that is defined as the probable network security breach which may occur in the future and will harm the network, as well as Information systems. The current trends in technology advancement have enabled the networks to be prevalent. People are connected at home, offices, as well as when they are travelling either via laptop or mobile phones. The evaluation is conducted to identify the severity of each information system, which deserves priority due to the value of data which needs to be protected. Both threats and vulnerabilities need... Medium likely...
10 Pages(2500 words)Essay

Information Security Management

.... A maintenance plan document is developed, in the seventh step. The recommended standard approach to the process is to combine the both system development and life cycle (SDLC) risk management contemplation for the process of contingency planning. 2 Incident Response Planning Steps The incident response planning is associated with detailed set of processes and procedures which mitigate, detect and foresee the scope of an unexpected event directly impacting on information resources and assets. Incident Detection Identifying the incident to determine whether the incident has occurred due to routine operations or it is the occurrence of an actual incident. The identification of incidents, also known as...
5 Pages(1250 words)Essay

Security Framework

...governments, coordination attempts for various agencies since all had failed due to poor resource management. In conclusion, the ISO 27000 Series security framework has been a priority in many individual agencies because most agencies are created to be able to accomplish their own missions making security framework to be viewed as an important factor, which has to be budgeted for to ensure the tackling of information security threats. It is, therefore, necessary for companies to prevent any intrusion into their computer systems by having the best security frameworks. These involve the...
5 Pages(1250 words)Research Paper

Successful information security management

...? Full Paper Introduction Successful information security management involves an amalgamation of prevention, detection and response in order to deploy a strong security defense. Security has become an encircling issue for designers and developers of the digital world (Conklin, White, Cothren, Williams, & Davis, 2004). A system should also be able to counter incidents and raise proper procedures in case an information security incident occurs. Information security incident handling takes a stride forward in the information security...
9 Pages(2250 words)Research Paper

Information security management

...the general framework specified in the chosen approach for this risk assessment exercise. This means making use of more tools to substantiate the analyses. This also means going back to the previous exercises and making the data more rigorous and complete. This exercise can also benefit from trying out different analytical perspectives and approaches as used by other top companies in the GAO best practices text (United States General Accounting Office; Goel and Chen; The Open University). Works Cited Goel, Sanjay and Vicki Chen. “Information Security Risk Analysis- A Matrix-Based Approach”. University at Albany, SUNY/General Electric Energy. 2005. Web. 2 February 2013. <...
10 Pages(2500 words)Essay

Information Security Risk Management

...Information Security Risk Management Introduction Information security is the protection of information for business continuity as it is fundamental for maximizing the business opportunities and return on investment. Information security and risk management has become a critical business discipline with sales, marketing, financial management and Human resource. 2. Literature Risk management and its role in the organization Risk was called as a main cause for uncertainty in the business organizations. Therefore, business companies focus upon the risk...
2 Pages(500 words)Case Study

Information Security Management

...Information Security Management Table of Contents Table of Contents 2 Introduction 3 Findings 3 Strengths 3 Weaknesses 4 Opportunities 4 Threats 5 Policy Considerations 5 Software Tools 6 Certifications 6 6 Techniques and Methods 6 Conclusion 7 References 9 Introduction In present scenario, technological factor is identified to be one of the important considerations for the modern organisations to conduct their respective operations with better flow and sharing of information as well as ideas. In this regard, based on the provided case, a large international organisation operating in Perth Central Business District realised that increased usage of technologies has...
5 Pages(1250 words)Research Paper

Information security management framework

...Topic: Comparisons of Information Security Management Frameworks Benefits of having frameworks for information security managementInformation management security frameworks are developed founded on a structured set of independent recommendations, processes as well as practices predominantly from the Information Security Management System Standard (ISO 27001). The framework seeks to make sure that information assets are safeguarded from illegal access or...
4 Pages(1000 words)Research Paper

Information Security Management

...Information Security Management Insert Insert Question Consider the diagram above from the Systems Security Engineering Capability Maturity Model (SSE-CMM) security management framework. a) Outline and explain how the GhostNet case study may have seen impacts affecting each one of the components in the framework diagram above. According to GhostNet case study, improper elucidation of the system requirements may impact on the design of the system significantly affecting the user interface. The result may lead to attackers using the interface to send input and receive results especially from systems that...
1 Pages(250 words)Assignment
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.

Let us find you another Research Paper on topic Information security management framework for FREE!

Contact Us