Free

Security Policy Analysis - Essay Example

Comments (0) Cite this document
Summary
The uncertain event can eventually impact how successful a particular project can get. For instance, if requirements of the project change or you…
Download full paperFile format: .doc, available for editing
GRAB THE BEST PAPER94.3% of users find it useful
Security Policy Analysis
Read TextPreview

Extract of sample "Security Policy Analysis"

Security Policy Analysis Insert Insert Define program risk A program risk encompasses the likelihood of threats that may affect the original course of a particular project (Vona, 2008). The uncertain event can eventually impact how successful a particular project can get. For instance, if requirements of the project change or you encounter errors.
Define institutional risk
It refers to an occurrence that may prevent an organization from attaining its set objectives. The threat is on the entity that is the institution concerned.
Describe how your selected organization incorporates program risk and institutional risk in its security program. Offer examples of both types of risk
Information technology firms need to develop an initiative to identify, manage and eliminate those risks so that the institution may achieve its set goals within an acceptable timeframe. In most cases, an ICT firm will be handling a number of projects especially those in software. These company’s make earnings from these projects (Luetge & Jauernig, n.d.). As a result, they need to mitigate risks facing the projects as one of the factors that will influence the project. In regard to that, there is a need to identify, examine and regulate the threats that may affect the completion of any project.
The company also faces other threats not related to the projects in any manner. These form the institution risks. Most of them will attempt to obstruct the system from achieving its objectives. It involves the organization settling on priorities concerning the efforts made in the institution and the use of resources for optimum achievement. It should span all the mission areas of the company.
Assume you are a technical advisor for the Chief Information Officer (CIO) of your organization. The CIO sends you an email communicating that she wants to be briefed on "OMB M-11-11" because the administrator has just added it to the list of priorities for the organization. She has limited knowledge of the policy and needs to know how it will effect the organization, and what we have already accomplished towards meeting the requirements within the system.
You have been given 30 minutes with the CIO. What would you report? And why?
First, I would report on what OMB-11-11 is (Xceedium.com, 2015). In relation to that, it is a policy that advocates for the implementation of identity verification among persons to facilitate authorization to have access to information systems, networks and facilities in an organization.
Next, I will report on the implementation of OMB-11-11. The application will entail a detailed procedure and use of software applications that will make the process simpler such as a Xsuite. The access control mechanism will offer privileges such as keeping track of passwords, access methods that rely on keys both for network and information systems. Through such application software, it is possible to separate authorization and authentication to beef up security especially in highly sensitive areas of the institution. In addition, implementation will include setting policies to ascertain where a user goes after authentication and what they are privileged to do there.
I will also report on challenges that will face the implementation of OMB-11-11. For instance, quick deployment of the systems to users with optimal privileges. Most need access to various systems and be able to perform many duties. Others include the infrastructure to implement the policy and inclusion of legacy systems in the institution.
Finally, I look at what the institution has done so far. In this case, the company solely relies on administrator, clients privileges to restrict access to information. That is done through the use of passwords.
References
Luetge, C., & Jauernig, J. Business Ethics and risk management.
Vona, L. (2008). Fraud risk assessment. Hoboken, NJ: J. Wiley & Sons.
Xceedium.com, (2015). HSPD-12 - Privileged Access Control | Xceedium | Xceedium. Retrieved 24 April 2015, from http://www.xceedium.com/solutions/federal-government-solutions-summary/federal-government-solutions-detail-page-2-hspd-12-and-omb-11-11-smartcard-mandates Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Security Policy Analysis Essay Example | Topics and Well Written Essays - 250 words - 1”, n.d.)
Security Policy Analysis Essay Example | Topics and Well Written Essays - 250 words - 1. Retrieved from https://studentshare.org/information-technology/1690872-security-policy-analysis
(Security Policy Analysis Essay Example | Topics and Well Written Essays - 250 Words - 1)
Security Policy Analysis Essay Example | Topics and Well Written Essays - 250 Words - 1. https://studentshare.org/information-technology/1690872-security-policy-analysis.
“Security Policy Analysis Essay Example | Topics and Well Written Essays - 250 Words - 1”, n.d. https://studentshare.org/information-technology/1690872-security-policy-analysis.
  • Cited: 0 times
Comments (0)
Click to create a comment or rate a document

CHECK THESE SAMPLES OF Security Policy Analysis

Information security policy

.... As there is a requirement of protecting this digital information internally and externally, policy is a control that provides necessary steps, procedures and processes to protect information. These are also considered as high level statements derived from the board of the organization. “Information security policy is therefore considered an essential tool for information security management” (Ilvonen 2009). However, information security policy is customized by company to company and department to department. Different factor that may influence to tailor the policy includes organization size, dependence on information...
10 Pages(2500 words)Essay

Homeland Security-Policy Analysis

...? Homeland Security-Policy Analysis Homeland Security-Policy Analysis The need for protection of the American people by the Bush administration on realizing the government’s laxity after the September 11 attacks that left over 3000 people dead saw the creation of the Homeland Security Act(HSA) of 2002, (Pub. L.107-296, enacted November 2002).This act of the United States Parliament saw the creation of a key department and its departmental head according to Fischer, Fischer, Halibozek and Green (2010). The Department of Homeland Security and the ministerial position is headed by the Secretary of Homeland Security. The act pointed out the major reason for the creation of the Homeland Department as the need to prevent radical assault... in the...
7 Pages(1750 words)Essay

US National Security Policy and Analysis

...?US National Security Policy and Analysis National security is one of the most fundamental aspects and duties of the US federal government. It encompasses the provision of security to the US citizens in and out of American soil. This measure applies against local and international threats of security. In most cases, America has been a target to international threats of security that include individual terrorists and terrorist groups like the Al-Qaida. Although most attacks manifest on American soil like the 9/11 and The Cold War, there has been more attacks on the Americans in other countries like Iraq. For a fact, these...
5 Pages(1250 words)Essay

Security Policy Description

... of the of the 14 December Introduction AMERCO Car Leasing is an E-commerce based company with its head officein Bathesda office and three local pick up points located in DC metro area. Primary business is associated with car leasing for personal and business use. AMERCO Car Leasing Company wants to draft an information security policy we will use a phased approach that will use a basic policy framework that will address key policies followed with the development of more policies. Likewise, the phased approach will also revise the existing policies that are already in place. In the current scenario there is no policy in place, as the company is new. One key element for a policy development process is the process maturity level... . For...
7 Pages(1750 words)Term Paper

Foreign Security Policy

...The Umbrella of the European Union's European Security Defence Policy/ Common Foreign Security Policy According to Sally McNamara, The European Security and Defense Policy (ESDP) has emerged as one of the biggest attempts to expand EU power to date, centralizing the most important tools of nation-statehood. The militarization of the European Union marks one of the greatest geopolitical shifts in the transatlantic alliance since the end of the Second World War. As a political initiative, it embodies the worst elements of European animosity toward the United States and would fundamentally undermine the NATO alliance and the Anglo-American Special Relationship.1 On the other hand, the Common Foreign and Security Policy (CFSP... ) is the...
1 Pages(250 words)Essay

Profile of al-Qa'ida and Analysis of U.S. Homeland Security Domestic Policy

...., 2002). POLICY ANALYSIS: The US Patriot Act – An Introduction The US Patriot Act was passed by the Senate in the aftermath of 9-11 attacks, with a view to ensure US homeland security. It has the following components: 1. In order to probe into large scaled organised crime and drug transportation, this act allowed more powerful mechanisms and measures to fight the crime. In the past, it helped the terrorists and smugglers grow rich together and engage into the acts of terrorism by getting access to weapons and other aids. It: Allows the security agencies and investigators to keep an eye against the crimes that can lead to terrorist activities. It enables investigators...
12 Pages(3000 words)Term Paper

Cyber Security Policy Initiatives

...Table of Contents Confidentiality 2 Integrity 3 Availability 4 The Cyber security Policy Initiatives of the Current Administration 4 Essential Points 5 Structuring Ability for a Digital Nation 7 Distributing Accountability for Cybersecurity 8 Formulating Helpful Information Sharing and Incident Response 9 Encouraging Innovation 9 Recommendations 10 References 11 Cyber Security Policy Initiatives The system of technologies, procedure and observance which are structured for protecting networks, systems, applications and important information from attacks, harm or entrance from unauthorized as well as unrecognized sources is what is known as Cyber...
11 Pages(2750 words)Research Paper

An analysis of the security implication of immigration in the Sultanate of Oman from 2009 till 2014 and its implication for future immigration policy

...An Analysis Of The Security Implication Of Immigration In The Sultanate Of Oman From 2009 Till And Its Implication For Future Immigration Policy? Table of Contents Table of Contents 2 Introduction 3 A Brief Understanding of the Implications of Flow of Immigrants 5 Statistical Information 7 Security Implication of Immigration in Oman 9 PESTLE Analysis 10 Political Factors 10 Economic Factors 12 Social Factors 14 Technological Factors 16 Legal Environment 17 Environmental Factors 17 Legal Analysis of the Countries Policies Towards Immigrants 18 Recommendations for Future Strategy 20 Conclusion 22 References 24 Introduction The Sultanate of Oman, which is also known simply as Oman, is a gulf nation situated in the south-eastern part... to...
20 Pages(5000 words)Essay

Security Policy Analysis

...Security Policy Analysis al Affiliation) The proposed Cybersecurity Legislation of s and describes responsibility, authority and accountability of various parties. In terms of authority and responsibilities, the Secretary of Homeland Security, the Partnership Advisory Council for critical infrastructure, the private sector and other federal agencies, are empowered to conduct high level cyber security risk assessment on a sector by sector sequence, develop procedures for certain critical infrastructure, identify performance issues and implement plans for restoration. The authority conferred on these institutions is for defending and monitoring cyber...
1 Pages(250 words)Essay

Security Policy Analysis

...Security policy analysis Security Policy Analysis Q1.Obligations of non-IT executives and managers concerning cyber security Cyber security is a very vital issue, which should affect the daily routines of every individual and organization globally. With the current growth of information and communication technology, people need to connect to the internet to run their daily businesses locally and internationally. The growth enhances the expansion of the cyber security in most organizations. The issue compels the non-information technology executives and the managers to join the circle as...
1 Pages(250 words)Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.

Let us find you another Essay on topic Security Policy Analysis for FREE!

Contact Us