Saturday, May 11, 2019
Information security policy Essay Example | Topics and Well Written Essays - 2500 words
info aegis polity - Essay ExampleThe researcher states that as this is an info age, selective information is now in the form of digits that flows on an electronic computerized network. Organizations argon dependent on these digital communication channels for transferring and exchanging sort out information such as confidential information, mission critical information and information that is published for the people. As information is a blood life of any organization, it is vital to protect information by implementing physical, pellucid and environmental controls. In the context of protecting information credential, three fundamental factors must be considered to soak up use of digitized information in an effective manner i.e. Confidentiality, Integrity and Availability. As there is a demand of protecting this digital information internally and externally, indemnity is a control that provides necessary steps, procedures and marches to protect information. These are also c onsidered as high level statements derived from the board of the organization. Information security indemnity is therefore considered an innate tool for information security management. Different factor that may influence to tailor the policy includes organization size, dependence on information systems, regulatory compliance and information classification scheme. For addressing all issues cerebrate to information security via a single policy is not possible, however, to cover all aspects related to information security, a set of information security policy document focusing on different separate of employees within the organization is more suitable. This paper will discuss different factors that must be taken in to account when constructing and maintaining an information security policy. However, there are many methods available for constructing an information security policy, the initial step before adopting any one of the methods is to identify the current maturity level of the policy construction process within the organization. The outputs will be either no information security policy development process in place or there is an extensive policy development process exists. Information Security Mission Statement Nexor Solutions and Nexor Solutions employees are intrinsic and responsible for protecting the physical information assets, confidential data and intellectual property of the organization. Likewise, these physical and intangible assets must be protected from effectiveness threats to Nexor Solutions and Nexor Solutions employees. Consequently, the information security policy for Nexor Solutions is a critical business function that must be incorporate within the business operations covering all aspects of Nexor Solutions business procedures, processes and tasks. However, to achieve these objectives, policies and procedures are already in place i.e. Acceptable Use Policy of Nexor Solutions. Information security is the basis for the business that must be integrated into each function of the organization i.e. administrative service, planning and development, sales and marketing and operations, as these functions control precise controls for mitigating the risk from normal business operations. State and federal laws associated with information security and privacy are applicable to Nexor Solutions, as non-compliance will impose fines, stakeholder confidence, audits and direct revenue loss for Nexor Solutions. Overview As information security (Detmar Straub, Goodman et al. 2008) has now become everyones business, every employee of Nexor Solutions is accountable making themselves aware with the compliance with Nexor Solutions policies, procedures and standards associated with information security. Likewise, a policy is considered as a tactical control followed by budgets and organizations (Osborne, Summitt, n.d). Information Security is defined as The protection of information systems against unauthorized access to or modifica tion of information, whether in
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment