2. Explain your view of the scope of an Information Systems Manager\'s roles and

Question

2. Explain your view of the scope of an Information Systems Manager's roles and responsibilities with respect to addressing the elements associated with a Corporations Information Systems' Security Plan (ISSP). Note: go to this web address https://www.oregon.gov/das/OSCIO/Documents/plan.pdf. Look at the Table of Contents where you will the expanse of the security plan and address those elements (e.g., Roles & Responsibilities, Risk, Communications, etc.) you feel are most critical. YOU MUST ALSO ADDRESS THE LEGAL ASPECTS ASSOCIATED WITH A ISSP. Expect 2 pages

Explanation / Answer

As per your requirement the below one is solution please follow it

It is the responsibility of the information system manager to develop and implement the information system policies and govern them. The scope of an information system manager is to govern over and administer :-

RISK MANAGEMENT

It is the system managers job to identify the risk and neutralize it according to the governing policies of the relating system. This also includes analyzing the threat, classifying, monitoring the system etc.

SECURITY POLICY

it is the system managers job to uphold the policies regarding the security of a system and deal with situation according to the guidelines in them. This includes successfully dealing with threats, security concern of the system and dealing with actions resulting from errors in the implementation.

PHYSICAL AND ENVIRONMENTAL SECURITY

It the job of the system manager to prevent unauthorized access, damage to physical property and compromising the information of the system. This also includes security of the other off site hardware systems.

ACCESS CONTROL AND INCIDENT MANAGEMENT

Information security management governs the clearance and access control given to the employees based on their functions and management of incidents that result from such problems. Which could include administrative actions like threat neutralization and damage control.

ASSETS MANAGEMENT

it is the system manager's job to look after the classification, security and maintenance of the assets. It presides over the controls of assets in situation that presents a threat to the system.

Therefore, it is clear that the system manager's duty is prevent any tampering, unauthorized access and preserve the integrity of the data that resides within the structure of the firm and prevent that structure from collapsing at various levels.

The legal aspects with information system security policy follows the hierarchy of succession based upon other such systems. It is governed by the laws in the legislature by the government and from there, follows a standard procedure which lays out the policies and govern the action thus taken by the manager in the face of threat.

The system can try to handle the matter internally based on the severity of the offence or handle it according to the laws which are further divided into structures like criminal law, civil law and public law etc. But mostly governed by the CFA ACT of 1996.

Related Questions

Navigate

• Browse (All)
• Browse 2
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.