Prior to developing an information security plan, it is important to understand

Question

Prior to developing an information security plan, it is important to understand and evaluate potential security risks before formulating prevention strategies. For this assignment, you will continue the planning process by adding the Risk Assessment section to the Information Security Assurance Implementation Plan. You will analyze and perform a risk assessment of the organization’s information systems. You will also discuss the importance of security in the design of information systems. The project deliverables for Week 2 are as follows: Update the Information Security Assurance Implementation Plan title page with a new date. Update the previously completed sections based on the instructor's feedback. Risk Assessment Perform a risk assessment of the organization’s network management, server management, Web and non-Web applications, data management, and cloud computing. Identify the threat vulnerabilities, affected assets, impact, and possible countermeasures identified in the previous section. Discuss the importance of security in the design of information systems.

Explanation / Answer

Security Program

The first action of a management program to implement information security is to have a security program in place. Though some argue the first act would be to gain some real "proof of concept" and "explainable thru display on the monitor screen" security knowledge. Start with maybe understanding where OS passwords are stored within the code inside a file within a directory. If you don't understand Operating Systems at the root directory level maybe you should seek out advice from somebody who does before even beginning to implement security program management and objectives.

Security Program Objectives

Security Management Responsibilities

The Elements of Security[edit]

Vulnerability

Threat

Risk

Exposure

Countermeasure or Safeguard

The Relation Between the Security Elements

importance of scurity in design of information systems.

Technology today has move forward in leaps and bounds in the last couple of years. This has created new opportunities for jobs, entertainment, how we go about our daily lives, and even organize the vast wealth of information at our fingertips. With all this information constantly being exchanged any given day, companies and organizations have had to step up their game too. Information systems security is a big part of keeping security systems for this information in check and running smoothly.

When people think of security systems for computer networks, they may think having just a good password is enough. The truth is a lot more goes into these security systems then what people see on the surface.

Information Can Always Be Stolen (Even Digital Information)

Throughout time information has always been stolen, bartered, or taken for personal gain or greed. There is an exchange of digital information going on all the time throughout the world. Every time someone swipes a card, logs into their e-mail, or a million other things that can happen, is an exchange of digital information. Just like physical information, this information can be stolen and used for personal gain or greed.

Information systems security is very important to help protect against this type of theft. Companies and organizations are especially vulnerable since they have a wealth of information from their employees. This can include names, addresses, telephone numbers, social security numbers, payrolls, etc. This information is sensitive and needs to be protected. Not to mention many companies and organizations today have an IT and security department to oversee their network systems.

The main focus of this industry is to protect these systems and to prevent the information from being stolen too. People in this industry can be involved with several tasks including raising user awareness, improving existing security systems, and in some cases even investigating security breaches too.

What is Involved with Information Systems Security?

Information systems security covers a vast number of jobs and careers for people to choose from too. The industry can cover everything from maintaining the hardware used by the IT department to investigating security breaches within a company or organization. People in this industry will usually be expected to also troubleshoot problems with the security system and how to fix them effectively.

Senior employees in the industry will not only have bigger responsibilities, but will require another set of skills too. People in leadership rolls will need to communicate effectively, implement strategies to fix a problem with their team, and often have to manage several non-management employees at any given time. There are even cases where these leaders are responsible for the payroll of their entire team and managing the resources available within the organization or company too.

Related Questions

Navigate

• Browse (All)
• Browse P
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.