StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Information security management framework - Research Paper Example

Comments (0) Cite this document
Summary
So that information can be protected, organizations and businesses are supposed to execute regulations and controls concerned with safeguarding of information as well as the systems used for the storage and processing the information. This is typically achieved through executing…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER96.6% of users find it useful
Information security management framework
Read Text Preview

Extract of sample "Information security management framework"

Topic: Information Security Management Framework Security Policies, Standards and Guidelines So that information can be protected, organizations and businesses are supposed to execute regulations and controls concerned with safeguarding of information as well as the systems used for the storage and processing the information. This is typically achieved through executing information security policies along with standard and guidelines. In this context, security policies are usually written documents, which are supposed to lay out the precise requirements or rubrics that must be adhered to by the employees. It is an overall description of the permissible and impermissible conducts of the employees in the workplace concerning how information is handled. In regards to the security of information and networks, policies typically cover a single aspect such as the acceptable utilization of computing facilities in a learning institution (Singh, 2007).
On the other hand, standards are thorough and comprehensive statements of the aspects that members of an organization are supposed to participate in in order to abide by the set policies. They may exist in the form of requirements specific to systems or procedures, which are supposed to be adhered to by everyone. For instance, the employees may wish to use their personal mobile devices in the workplace; in this case, the standards set for the connection of the mobile devices to the network run by the organization must be adhered to precisely (Laet & Schauwers, 2005). Additionally, guidelines are literally groups of system or procedural specific recommendations that govern nest practices but are not must-follow controls. Nevertheless, reference to standards and guidelines is seen as an efficient and effective aspect of a good security policy. All the documents listed have varying target audiences in a company and thus they are not supposed to be combined into a single document. Rather, there should be a number of documents, which will collectively develop the concept of an information security policy framework thereby making the security policy the most important document overall.
References
Laet, G., & Schauwers, G. (2005). Network security fundamentals. Indianapolis, Ind.: Cisco.
Singh, B. (2007). Network security and management. New Delhi: Prentice-Hall of India. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Information security management framework Research Paper - 2”, n.d.)
Information security management framework Research Paper - 2. Retrieved from https://studentshare.org/information-technology/1689015-information-security-management-framework
(Information Security Management Framework Research Paper - 2)
Information Security Management Framework Research Paper - 2. https://studentshare.org/information-technology/1689015-information-security-management-framework.
“Information Security Management Framework Research Paper - 2”, n.d. https://studentshare.org/information-technology/1689015-information-security-management-framework.
  • Cited: 0 times
Comments (0)
Click to create a comment or rate a document

CHECK THESE SAMPLES OF Information security management framework

Information Security Risk Assessment Framework

...? Computer Sciences and Information Technology Annotated Bibliography Topic: Information Security Risk Assessment Framework and Metrics in the South Australia Real Estate Sector. Supervisor: Information Security Risk Assessment Framework and Metrics in the South Australia Real Estate Sector Australian Prudential Regulation Authority (2010) Prudential Practice Guide: PPG 234- Management of security risk in information and information technology. Web: http://www.apra.gov.au/Policy/upload/PPG_PPG234_MSRIT_012010_v7.pdf. Accessed on 10th April 2012. APRA records that Information Technology reporting and metrics has two issues that are paramount: regular reporting and effective IT security metrics. A formalized IT security reporting framework...
15 Pages (3750 words) Annotated Bibliography

Information Security Management

The fourth step is associated with creating contingency strategies. In the fifth step, information technology contingency plan is developed. The sixth step involves training, testing, and exercise. A maintenance plan document is developed, in the seventh step. The recommended standard approach to the process is to combine the both system development and life cycle (SDLC) risk management contemplation for the process of contingency planning. 2 Incident Response Planning Steps The incident response planning is associated with detailed set of processes and procedures which mitigate, detect and foresee the scope of an unexpected event directly impacting on information resources and assets. Incident Detection Identifying the incident...
5 Pages (1250 words) Essay

Successful information security management

...? Full Paper Introduction Successful information security management involves an amalgamation of prevention, detection and response in order to deploy a strong security defense. Security has become an encircling issue for designers and developers of the digital world (Conklin, White, Cothren, Williams, & Davis, 2004). A system should also be able to counter incidents and raise proper procedures in case an information security incident occurs. Information security incident handling takes a stride forward in the information security management procedure. The aim is to provide a reference for the management, administration and other technical operational staff. If considering the Internal Revenue Service, focus on executing management actions...
9 Pages (2250 words) Research Paper

Information security management

Taking a step back, there is value in situating a risk assessment process for Accounting Company in the context of a cycle for managing risks. The chart below situates this particular exercise for Accounting Company in terms of a cycle that includes the (1) assessment of risks and determination of needs; (2) the implementation of controls and policies; (3) the promotion of awareness; and (4) monitoring and evaluation; all occurring within the context of a central point of focus (United States General Accounting Office 6):
Meanwhile, a compilation of risk assessment approaches for information security that is taken from best practices of many different top organizations in the US has distilled the most important elements of an...
10 Pages (2500 words) Essay

Information Security Risk Management

...Information Security Risk Management Introduction Information security is the protection of information for business continuity as it is fundamental for maximizing the business opportunities and return on investment. Information security and risk management has become a critical business discipline with sales, marketing, financial management and Human resource. 2. Literature Risk management and its role in the organization Risk was called as a main cause for uncertainty in the business organizations. Therefore, business companies focus upon the risk identification, and manage it before these risks impact the business decisions. Organizations having control over risk management can compromise confidently for future decisions. Organization...
2 Pages (500 words) Case Study

Information Security Management

...Information Security Management Table of Contents Table of Contents 2 Introduction 3 Findings 3 Strengths 3 Weaknesses 4 Opportunities 4 Threats 5 Policy Considerations 5 Software Tools 6 Certifications 6 6 Techniques and Methods 6 Conclusion 7 References 9 Introduction In present scenario, technological factor is identified to be one of the important considerations for the modern organisations to conduct their respective operations with better flow and sharing of information as well as ideas. In this regard, based on the provided case, a large international organisation operating in Perth Central Business District realised that increased usage of technologies has certainly raised the amount of data circulated in a business. Contextually...
5 Pages (1250 words) Research Paper

Information security management framework

...Topic: Comparisons of Information Security Management Frameworks Benefits of having frameworks for information security management Information management security frameworks are developed founded on a structured set of independent recommendations, processes as well as practices predominantly from the Information Security Management System Standard (ISO 27001). The framework seeks to make sure that information assets are safeguarded from illegal access or modification regardless of whether it is in storage, under processing or on transit. It further seeks to safeguard against any denial of service to the users with permission or provision of services to unauthorized users including the procedures needed to identify, document and deal...
4 Pages (1000 words) Research Paper

Information Security Management

...Information Security Management Insert Insert Question Consider the diagram above from the Systems Security Engineering Capability Maturity Model (SSE-CMM) security management framework. a) Outline and explain how the GhostNet case study may have seen impacts affecting each one of the components in the framework diagram above. According to GhostNet case study, improper elucidation of the system requirements may impact on the design of the system significantly affecting the user interface. The result may lead to attackers using the interface to send input and receive results especially from systems that are compromised The GhostNet systems also facilitate downloading of a Trojan called Ghost Rat that enables attackers have control...
1 Pages (250 words) Assignment

Information Security Management

Security is a group of activities that include the policies, measures, and actions which are utilized to stop unlawful access or alteration, theft, and physical damage to information or computer. Security can be supported by an assortment of techniques and tools to safeguard computer hardware, software communications networks, and data (Laudon & Laudon, 1999, p. 502). In the modern age of information technology, there are many threats happened for organizational information. We need a security model that has the ability to manage and secure our information reserves. Technical administrative safety /security measures like security plans, actions and techniques are the main practices for the organizational information security m...
10 Pages (2500 words) Research Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.

Let us find you another Research Paper on topic Information security management framework for FREE!

Contact Us