HomeworkLib
Question

Learning Objective: Evaluate the purpose and contents of the three major types of information security policies:...

Learning Objective: Evaluate the purpose and contents of the three major types of information security policies: Enterprise information security program policy, Issue-specific information security policies, Systems-specific policies.

In at least 250 words, discuss the following in your main post.

  1. Revisit the organization from week three or pick another organization where you have access to one of their publicly available security policies.
  2. Identify the organization, policy type, and the policy's importance to the organization. Be specific.
engineering   Computer-Science   
0 0
Add a comment Improve this question Transcribed image text
Next > < Previous
Sort answers by oldest

Homework Answers

Answer #1

Data Security or Information Security helps in recognizing the valuable assets of the organization. It also describes of the guidelines about what is ethical and unethical to do for the worker to guarantee security of data.

An association with no data security is in danger. The information security approach's essential concern is to co-ordinate the data security endeavors of the organization.

Various types of Data Security Policies are:

1. Enterprise Information Security Policy

Enterprise information Security Policy sets up key heading or the direction, extension and tone for association's security exertion and gives obligations regarding diverse zone of data security. Enterprise Information Security Policy gives rule to the improvement , execution and the executives essential of the data security program.

2. Issue-Specific security Policy

Issue explicit arrangements gives point by point guidelines, and direction to all individuals from the association in the utilization of an asset, for instance process or innovation utilized by the association. Each association's Issue-Specific Security Policy should address explicit innovation based frameworks, and should be refreshed much of the time.

3. Systems specific Security Policy

System Specific Security Policy is not like the other security policies. They can be frequently made to work as guidelines or strategies that can be utilized while arranging the frameworks. For eg:- Design and activity of a system firewall.

0 0
Add a comment
Know the answer?
Add Answer to:
Learning Objective: Evaluate the purpose and contents of the three major types of information security policies:...
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions

  • The text describes three types of security policies: Issue Specific Security Policy (ISSP), Syste...

    The text describes three types of security policies: Issue Specific Security Policy (ISSP), System Specific Security Policy (SysSP), and Enterprise Information Security Policy (EISP). Pick one security policy you have experienced as an employee and describe its effect. How would you change it and why? Provide feedback to your classmates answers and make recommendations for changes as well.

  • This week's topic, information security policies, is perhaps the most important topic that a Business major...

    This week's topic, information security policies, is perhaps the most important topic that a Business major can take from this course. This is the governance layer that lays the bedrock for your organization's security posture. Sure, the technical folks are responsible for executing on that policy but this is where the leaders of a business get together, reach agreement, at times do a sanity check on what is enforceable in the organization, and draft the rules that will make sure...

  • Information technology (IT) infrascruture security policies are represented in many types of policy documents, depending on...

    Information technology (IT) infrascruture security policies are represented in many types of policy documents, depending on the organization’s network and infrastructure needs. These differences stem from different cyber security risks. They also present organizations with different choices to define and make in their security policies. 1. What are some best practices organizations can observe when creating and maintaining domain policies? 2. LAN security policies often center on issues concerning connectivity; this includes determining how devices adhere to the network. What...

  • If an organization is going to have a chance at a successful security program they need...

    If an organization is going to have a chance at a successful security program they need to develop policies that provide direction for all security efforts and guide the conduct of the users. These policies need to be well written to provide the organization with solid guidance to support their security objectives. Identify and briefly describe the three types of security policies. Your response should include a discussion of where each should be used. Where should policy writers look to...

  • The purpose of security policies is to help mitigate identified risks. Writing these policies is easier...

    The purpose of security policies is to help mitigate identified risks. Writing these policies is easier once you have created an asset inventory list, prioritized that list, and identified the major risk exposures found in those assets. The task of identifying your IT assets begins with recognizing that your IT infrastructure and supporting resources can be divided into the seven IT domains. The benefit of identifying the assets and prioritizing them across those domains is being able to document policies...

  • The discussion: 150 -200 words. Auditing We know that computer security audits are important in business....

    The discussion: 150 -200 words. Auditing We know that computer security audits are important in business. However, let’s think about the types of audits that need to be performed and the frequency of these audits. Create a timeline that occurs during the fiscal year of audits that should occur and “who” should conduct the audits? Are they internal individuals, system administrators, internal accountants, external accountants, or others? Let me start you: (my timeline is wrong but you should use some...

  • Major Debates Over Macroeconomic Policy Instructions Assignment Files Grading Purpose of Assignment This week requires the...

    Major Debates Over Macroeconomic Policy Instructions Assignment Files Grading Purpose of Assignment This week requires the student to address six unresolved issues in macroeconomics, each of which is central to current political debates. Students are required to use information and tools that they have accumulated in their study of the text and evaluate both sides of those issues, determine which side they can support for each issue, and defend their positions. Assignment Steps Select two subjects from the following list...

  • DQ1. What is an Audit Work Program (some call it Audit Program)? The audit work program...

    DQ1. What is an Audit Work Program (some call it Audit Program)? The audit work program - Email Surveillance Audit Program – What is the structure and contents including various audit steps. Find 1-2 steps in the audit program where the audit software can be used. How can audit software be used to gather evidence?. (the Audit program (Email Surveillance Audit Program details is attached). DQ3. Review the contents of the Audit Manual of Office of University Audits at University...

  • MGMT SS STATS, an umbrella body that facilitates and serves various Social Security Organizations...

    MGMT SS STATS, an umbrella body that facilitates and serves various Social Security Organizations/Departments within the Caribbean territories, stood poised to meet the needs of its stakeholders by launching an online database, located at www.SSDCI.gov. The database will provide members and the public with access to the full set of services that can (also) be initiated face to face; and it will provide managed, private, secure access to a repository of public and/or personal information. For example, insured persons accumulate...

  • For this paper, the following five elements must be addressed: Describe a current IT-related ethical issue:...

    For this paper, the following five elements must be addressed: Describe a current IT-related ethical issue: Since this is a paper exercise, not a real-time situation, you may want to construct a brief scenario where this issue comes into play, and thus causes an ethical dilemma. The dilemma may affect you, your family, your job, or your company; or it may be a matter of public policy or law that affects the general populace. See the list below for a...

ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT