Nobody downloaded yet

Information Security Planning - Essay Example

Comments (0) Cite this document
Summary
Information security is about taking care of business continuity which involves media backup operation, monitoring of incidents, classifying information and suitably providing access to this information to members of the company, investigating anomalies and safeguarding operations…
Download full paperFile format: .doc, available for editing
GRAB THE BEST PAPER98.1% of users find it useful
Information Security Planning
Read TextPreview

Extract of sample "Information Security Planning"

Download file to see previous pages The company needs to be prepared to combat virus attacks, ingress of unsolicited visitors and possible attacks by competitors on the company's information bank. To provide a safe and working repository of information, it is essential that the company has a well planned security policy in place.
2. The information security should be compliant to IS 17799 standards. This would bring about periodic security audits and would also ensure that there is a clear security policy in line with the objectives of the company.
3. To ensure that there is well defined acceptance criterion and milestones for every security measure and that this adhered to. And that these criterion and the mile stones are in line with the cost and budgeting dictated by the management of the company and to develop a comprehensive information security education policy.
4. To ensure that the company is in a state of readiness to combat potential disasters. Prevention and identification of crime, fraud and theft in the work place by ensuring both physical and logical security.
A security review or audit is done to identify the existing security, the degree of protection needed, locate the weaknesses in the system and recommend security steps that are needed. This should also throw out information that has to be secured.
Out of the list of jobs that need to be done for the security betterment a priority list is to be made in order of importance for security and the tentative cost for effecting the same. Priorities are laid down based on the company objectives and policies that are critical to company targets. In some of the locations, virus attacks could be frequent and these need to be countered on a priority basis may be because they are eating out on the productive time of the employees of the company and data get lost. In some cases, it might be that the data is getting out of the company through physical means in the form of CDs or flash drives.
3
Establish the feasibility of implementing.
A comprehensive list of jobs that has to be carried out and their feasibility in the company needs to be established and accordingly 'what-is-possible' list is produced.
4
Identify whether the planned actions will fit into the budget.
Based on the priority and the feasibility list the plan is further fine tuned with another constraint namely, the budget. If the budge should allow then the needed actions may be done, else they get pruned.
5
Need for security is to be fixed.
Based on all these factors, the needs for the security is finally fixed and then the requirements are made into one single list.
6
Fix the responsibility for implementing.
Using this list, it is important that the responsible person for each activity is fixed and the same is implemented through that specific person.
7
Train the people in the company and create a secure culture.
In order to ensure that the implemented security measure continues to bear fruit, the employees of ...Download file to see next pagesRead More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Information Security Planning Essay Example | Topics and Well Written Essays - 750 words”, n.d.)
Information Security Planning Essay Example | Topics and Well Written Essays - 750 words. Retrieved from https://studentshare.org/miscellaneous/1526348-information-security-planning
(Information Security Planning Essay Example | Topics and Well Written Essays - 750 Words)
Information Security Planning Essay Example | Topics and Well Written Essays - 750 Words. https://studentshare.org/miscellaneous/1526348-information-security-planning.
“Information Security Planning Essay Example | Topics and Well Written Essays - 750 Words”, n.d. https://studentshare.org/miscellaneous/1526348-information-security-planning.
  • Cited: 0 times
Comments (0)
Click to create a comment or rate a document

CHECK THESE SAMPLES OF Information Security Planning

Information Security

...and communication with customers as well (Benefits of Implementing an ERP System, 2011). Thus in order to integrate the computer simulation techniques in the organization the ERP systems can be considered to be incorporated such that the risks and threats of integration and security can be reduced. An ideal ERP system would connect and integrate all the departments of the organization with the new business process or the technology, in this case being the computer simulation measures. These include the manufacturing, the finance, the human resources, the supply chain management, the projects, as well as the customer relationship management departments (ERP (Enterprise Resource Planning, 2012))....
12 Pages(3000 words)Essay

Information Security

...its business activities. The progress in the field of information technology has been favorable because it has brought various benefits for the users all around the world. However, along with many significant benefits, the advancement in information technology has also created various issues related to the security of computer networks. These network-related issues need to be tackled properly in order to make the internet world safe and secure. Literature Review regarding Current State of Network Security Kaminsky (2010) asserts, “Network security comprises the measures a company takes to protect its computer system”. It is evident from...
5 Pages(1250 words)Research Paper

Information Security

.... Information security culture is extended in the end by altering the manners within a business to the preferred way. In addition, this occurs together by formalizing the structure of information security and by affecting to the psychological paradigms, approach, incentives, open and particularly implied awareness of human resources (Herold, 2010), (Feng, 2003) and (Kuusisto & Ilvonen, 2003). Therefore the creation of information security and confidentiality knowledge along with guidance plan is not an easy job. It is frequently a provoking job. It is frequently a confronting responsibility. Furthermore several times,...
10 Pages(2500 words)Essay

Information Security

...? Need for Information Security Introduction The intervention of technology has increased competition for organizations since communication has broken geographical barriers and has transformed the world into a global village. The increasing competition makes it vital for all types of organizations to be equipped with information and data about their customers, market trends, consumer behavior etc. However, the possession of complete information is considered to be an incomplete victory if it is not protected in an effective manner against prevailing threats and vulnerabilities. Lack of awareness and execution to protect company’s information assets can...
3 Pages(750 words)Research Paper

Information Security

...? Information Security in Small Business Firms Information Security in Small Business Firms Introduction The explosive growth of internet has added to the efficiency and convenience of modern business operations. However, a wide variety of information security threats, particularly computer hacking raises potential challenges to keeping and transferring information securely over the internet. Even a small business organization needs to deal with huge volume of confidential and sensitive information. Evidently, unauthorized access to such information would hurt the...
3 Pages(750 words)Research Proposal

Information Security

...? Information Security INFORMATION SECURITY Following the anti-virus up from McAfee that affected computers running Windows XPinternationally, the company made an official announcement, contending that a very small percentage of their clients had been affected. The apology was initially given by a spokesman for the company, and it was him who claimed that only less than 0.5% of their clients had been affected by the erroneous update (Harkins, 2013). This was the wrong person to have come out with such an apology, and it seemed that McAfee realized it. The next morning, Barry McPherson, their EVP, released a statement that was well phrased, but still unapologetic. Again,...
3 Pages(750 words)Essay

Information Security

...to be struck. Commenting on a study carried out by the GAO, the National Institute of Standards and Technology established a viable framework for promoting good practices for information security programs; this framework deals with risk assessment, the taking steps to reduce risk, and the creation of a central management group devoted to these risk management functions. This section will address good practices as they pertain to risk assessment and tailoring an information security policy to organizational goals and to remain cost-effective. The essence of an effective risk assessment procedure is not to assume that every conceivable risk can be...
4 Pages(1000 words)Essay

Security Planning

...of the of the of the Security Planning It is the aim of the Center for the Study of High Consequence Event Preparedness and Response to prepare the country to face high consequence issues. Security assessment has to encourage the development of sophisticated and creative technologies. This Center has to collaborate with the Department of Homeland Security Centers of Excellence. The various aspects of importance in this endeavor are preparedness, which entails governmental and first responder preparedness, community preparedness, national preparedness and private sector preparedness. Further, the preparedness of the nation as a whole in order to counter threats to the...
9 Pages(2250 words)Essay

Information Security

...Organizations should conduct periodic risk assessment of information assets as part of risk management program Organizations should implement policies and procedures based on risk assessment to secure information assets Organizations should have a security management structure Organizations should plan and initiate action to provide adequate information security for networks, facilities, systems and information and test regularly Organizations should provide information security awareness, training and education to personnel Organization should create and execute a...
6 Pages(1500 words)Term Paper

Information Security

...Information Security Table of Contents Table of Contents 2 An Overview of Information Security 3 Ensuring the Effectiveness of the Information Security Policies 3 Policies and Measures 4 Protection of the Data and the Steps Involved 5 Enhancing the Information Security 6 References 7 An Overview of Information Security The basic concept of the information security in an organization involves providing assistance to the organization’s mission. Every individual organization is open to the elements of worries which at times can influence the...
2 Pages(500 words)Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.

Let us find you another Essay on topic Information Security Planning for FREE!

Contact Us