Information Security Report: Risk Management and Accreditation
VerifiedAdded on  2022/10/04
|15
|4005
|461
Report
AI Summary
This report analyzes the information security needs of the FuturePlus charity organization, focusing on risk management and accreditation guidelines. The organization, which supports disadvantaged students, handles sensitive data including donor information, donation amounts, and student details. The report emphasizes the importance of an information security program to protect this data, especially as it is transmitted over the internet. It delves into the guidelines for information security risk management, including identifying, analyzing, and controlling risks, as well as the implementation of security measures like encryption and access controls. The report also covers guidelines for information security certification and accreditation, outlining the process and importance of minimizing IT risks through these processes. The report emphasizes the need for data confidentiality, integrity, and availability to protect the organization's sensitive information and maintain its operations.
Running head: INFORMATION SECURITY
Information Security
Name of the Student
Name of the University
Author Note
Information Security
Name of the Student
Name of the University
Author Note
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1
INFORMATION SECURITY
Executive Summary
The term information security is referred to as a state of protection of information like
confidential data against the unauthorized utilization of the information, misuse of the
confidential information such as electronic data. This report is concerned with the security of
sensitive and confidential information of a certain any organization that aims to support the
disadvantaged children by paying their tuition fees as well as providing them with
accommodation as well. The confidential data of this organization like the details of the donor
along with their amount of donation and the details of the candidates getting help from this
organization should be kept safe and secure as it is communicated over the internet so the data
does not gets stolen by any unauthorized user. In this report the information security program has
been mentioned along with the analysis of the several guidelines for the information security risk
management along with the guidelines for the certification and accreditation of the information
security is also explained in this report.
INFORMATION SECURITY
Executive Summary
The term information security is referred to as a state of protection of information like
confidential data against the unauthorized utilization of the information, misuse of the
confidential information such as electronic data. This report is concerned with the security of
sensitive and confidential information of a certain any organization that aims to support the
disadvantaged children by paying their tuition fees as well as providing them with
accommodation as well. The confidential data of this organization like the details of the donor
along with their amount of donation and the details of the candidates getting help from this
organization should be kept safe and secure as it is communicated over the internet so the data
does not gets stolen by any unauthorized user. In this report the information security program has
been mentioned along with the analysis of the several guidelines for the information security risk
management along with the guidelines for the certification and accreditation of the information
security is also explained in this report.
2
INFORMATION SECURITY
Table of Contents
Introduction......................................................................................................................................3
Discussion........................................................................................................................................4
Conclusion.....................................................................................................................................11
References......................................................................................................................................12
INFORMATION SECURITY
Table of Contents
Introduction......................................................................................................................................3
Discussion........................................................................................................................................4
Conclusion.....................................................................................................................................11
References......................................................................................................................................12
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3
INFORMATION SECURITY
Introduction
Information security is known as a state of protection of information like confidential
data against the unauthorized utilization of the information, misuse of the confidential
information such as electronic data (Peltier 2016). It can also be referred to as the various
measures taken for the achievement of the protection of the confidential information. A new
independent organization named FuturePlus is established for the purpose of for providing
charity to the various students in Australia who are disadvantaged. This organization established
for the purpose of charity helps these disadvantaged students in continuing their education by
providing them with chance along with a future which is full of possibilities.
The kinds of support which are provided by this organization consists of payments of all
the supplies related to education along with the tuition fees along with the accommodations
required by the students (Safa et al. 2016). The further plans of the organization includes
development along with the offerings of more programs for helping those students like various
kinds of tutoring programs as well as early intervention. The donations of the public help in
covering all these costs. Monthly donations are collected by their organization with the help of
their websites with a payment system that is a secure one. Funds are also collected by them by
raising of the various drives two times in a year by the method of advertising on their own
website, national television along with emails. The casual staffs are received by them both full-
time as well as casual which consists of accountant, operations manager, planning officer,
support staffs along with the case officers. Extra support is provided by the casual staffs to all
case officers regarding the eligibility checks along with the information of the students who are
helped by this organization (Soomro et al. 2016). The further plans also involves an increase in
the number of disadvantaged students as well as the staffs.
INFORMATION SECURITY
Introduction
Information security is known as a state of protection of information like confidential
data against the unauthorized utilization of the information, misuse of the confidential
information such as electronic data (Peltier 2016). It can also be referred to as the various
measures taken for the achievement of the protection of the confidential information. A new
independent organization named FuturePlus is established for the purpose of for providing
charity to the various students in Australia who are disadvantaged. This organization established
for the purpose of charity helps these disadvantaged students in continuing their education by
providing them with chance along with a future which is full of possibilities.
The kinds of support which are provided by this organization consists of payments of all
the supplies related to education along with the tuition fees along with the accommodations
required by the students (Safa et al. 2016). The further plans of the organization includes
development along with the offerings of more programs for helping those students like various
kinds of tutoring programs as well as early intervention. The donations of the public help in
covering all these costs. Monthly donations are collected by their organization with the help of
their websites with a payment system that is a secure one. Funds are also collected by them by
raising of the various drives two times in a year by the method of advertising on their own
website, national television along with emails. The casual staffs are received by them both full-
time as well as casual which consists of accountant, operations manager, planning officer,
support staffs along with the case officers. Extra support is provided by the casual staffs to all
case officers regarding the eligibility checks along with the information of the students who are
helped by this organization (Soomro et al. 2016). The further plans also involves an increase in
the number of disadvantaged students as well as the staffs.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4
INFORMATION SECURITY
A high-rise building has been occupied by this organization and the network of it has
been along with the servers. The network site of this organization in linked with the internet the
wireless technology of 5G. Portable devices are provided to the casual staffs by the organization
which be helpful in taking the case notes on-site during their visits to the sites and in turn
sending it to their organization through the communications which are secure. The security of the
communications and the server over internet is checked as confidential information about the
donor of the organization, the amount of donations received by the students along with all the
details related to payments like the details of the credit cards and bank account is sent and
communicated.
An information security program is requested by this organization so that all the
confidential information of this organization remains safe and secure (Hajli et al. 2016). The
report aims to focus on the risk management criteria of the information security. The report also
aims to focus on the criteria for the certification of the accreditation as well as certification of
security of information security of this particular organization whose purpose is to provide help
to the disadvantaged students by paying their fees, paying accommodation to them etc. A
program for the information security is very important which can be also stated as the
implementation and designing of various security principles for protection of the IT assets as
well as the critical processes of business (McCormac et al. 2017). The security principles forms
the basis of the programs which are meant to mature over the time.
Discussion
Guidelines for information security risk management:
INFORMATION SECURITY
A high-rise building has been occupied by this organization and the network of it has
been along with the servers. The network site of this organization in linked with the internet the
wireless technology of 5G. Portable devices are provided to the casual staffs by the organization
which be helpful in taking the case notes on-site during their visits to the sites and in turn
sending it to their organization through the communications which are secure. The security of the
communications and the server over internet is checked as confidential information about the
donor of the organization, the amount of donations received by the students along with all the
details related to payments like the details of the credit cards and bank account is sent and
communicated.
An information security program is requested by this organization so that all the
confidential information of this organization remains safe and secure (Hajli et al. 2016). The
report aims to focus on the risk management criteria of the information security. The report also
aims to focus on the criteria for the certification of the accreditation as well as certification of
security of information security of this particular organization whose purpose is to provide help
to the disadvantaged students by paying their fees, paying accommodation to them etc. A
program for the information security is very important which can be also stated as the
implementation and designing of various security principles for protection of the IT assets as
well as the critical processes of business (McCormac et al. 2017). The security principles forms
the basis of the programs which are meant to mature over the time.
Discussion
Guidelines for information security risk management:
5
INFORMATION SECURITY
The risk management becomes an essential factor in context of security of information. It is
referred to as an important methods that mainly focuses on the efforts of security that is applied
on the mission of a particular organization and it is also very helpful in prioritizing the efforts of
security on the systems that are critical in nature. Various roles that are played by the risk
management are it helps in prioritizing the deluge, it helps in translating the security into the
language that is understood by the business (Shropshire et al. 2015). The risk management is
responsible for dropping the fixation of the security on technology. The risk management is also
responsible for the insertion of the IT security in the business.
An effective program for the risk management of security of information can be created by
the implementation of the various solutions of technology for the detection as well as eradication
of the threats before the confidential and sensitive data gets compromised. For the creation of the
effective program, a security office along with accountability should be established.
In addition to this, compliance should definitely be ensured with all the policies that are
related to security as there are numerous risks available like those risks related to network
security, numerous risks which are related to security of IT and data along with the existing
controls of security in the organization (Ab Rahman et al. 2015). Various measures that are taken
to rectify the vulnerabilities that take place through the numerous approaches are acceptance of
the risk, avoidance of risk, management of the occurred risks, and management of the incident
along with planning of the responses to the occurred incident.
The risk management of information security is also abbreviated in the form of ISRM is
referred to the methods of the management of the various kinds of risks with the utilization of the
information technology. It includes the methods of identification, assessment along with the
treatment of the risks with integrity, availability along with confidentiality of all assets of the
INFORMATION SECURITY
The risk management becomes an essential factor in context of security of information. It is
referred to as an important methods that mainly focuses on the efforts of security that is applied
on the mission of a particular organization and it is also very helpful in prioritizing the efforts of
security on the systems that are critical in nature. Various roles that are played by the risk
management are it helps in prioritizing the deluge, it helps in translating the security into the
language that is understood by the business (Shropshire et al. 2015). The risk management is
responsible for dropping the fixation of the security on technology. The risk management is also
responsible for the insertion of the IT security in the business.
An effective program for the risk management of security of information can be created by
the implementation of the various solutions of technology for the detection as well as eradication
of the threats before the confidential and sensitive data gets compromised. For the creation of the
effective program, a security office along with accountability should be established.
In addition to this, compliance should definitely be ensured with all the policies that are
related to security as there are numerous risks available like those risks related to network
security, numerous risks which are related to security of IT and data along with the existing
controls of security in the organization (Ab Rahman et al. 2015). Various measures that are taken
to rectify the vulnerabilities that take place through the numerous approaches are acceptance of
the risk, avoidance of risk, management of the occurred risks, and management of the incident
along with planning of the responses to the occurred incident.
The risk management of information security is also abbreviated in the form of ISRM is
referred to the methods of the management of the various kinds of risks with the utilization of the
information technology. It includes the methods of identification, assessment along with the
treatment of the risks with integrity, availability along with confidentiality of all assets of the
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6
INFORMATION SECURITY
particular organization (Stamp 2017). The three basic guidelines of the information security
consist of availability, confidentiality and integrity. The main concern is on the protection of the
data confidentiality, preserving the data integrity and promotion of the data availability for the
authorized utilization. The confidentiality of the sensitive information and confidential data like
the details of the donors, details about the donations and details of each and every student getting
benefitted by the is taken care of the organization and all this details are transferred over a secure
connection of internet so that these kinds of sensitive information does not gets disclosed to any
of the unauthorized access which can results towards the misuse of the sensitive information
(Laszka et al. 2015). The organization is responsible for maintaining the integrity of data that the
modifications of data as well as these sensitive information can only be accessible by the
authorized persons who are working in this organization named as FuturePlus.
The organization also helps in the promotion of the availability of the sensitive and
confidential data and it can only be utilized by those who are authorized to access this important
data of the organization. This particular organization that is mend for charity provides portable
devices to the various number of staffs who in turn makes the utilization of those provided
portable devices in making of the various notes on-site whenever they are on a visit to the sites
and communicate back their reports to the main office through the help of the portable devices
over a secure connection of internet (Elnajjar et al. 2017). By preserving the integrity of the
details of sensitive information, this company prevents all the users who are unauthorized from
making any sort of modifications to the programs or data. The authorized users are also
prevented from making any sort of unauthorized as well as improper changes that would cause a
great loss to the organization.
INFORMATION SECURITY
particular organization (Stamp 2017). The three basic guidelines of the information security
consist of availability, confidentiality and integrity. The main concern is on the protection of the
data confidentiality, preserving the data integrity and promotion of the data availability for the
authorized utilization. The confidentiality of the sensitive information and confidential data like
the details of the donors, details about the donations and details of each and every student getting
benefitted by the is taken care of the organization and all this details are transferred over a secure
connection of internet so that these kinds of sensitive information does not gets disclosed to any
of the unauthorized access which can results towards the misuse of the sensitive information
(Laszka et al. 2015). The organization is responsible for maintaining the integrity of data that the
modifications of data as well as these sensitive information can only be accessible by the
authorized persons who are working in this organization named as FuturePlus.
The organization also helps in the promotion of the availability of the sensitive and
confidential data and it can only be utilized by those who are authorized to access this important
data of the organization. This particular organization that is mend for charity provides portable
devices to the various number of staffs who in turn makes the utilization of those provided
portable devices in making of the various notes on-site whenever they are on a visit to the sites
and communicate back their reports to the main office through the help of the portable devices
over a secure connection of internet (Elnajjar et al. 2017). By preserving the integrity of the
details of sensitive information, this company prevents all the users who are unauthorized from
making any sort of modifications to the programs or data. The authorized users are also
prevented from making any sort of unauthorized as well as improper changes that would cause a
great loss to the organization.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
INFORMATION SECURITY
This organization is also successful in the maintenance of both external as well as internal
data consistency as well as consistency of programs. The information security program of this
organization should include the application of encryption to the sensitive information of the
organization which will be delivered over the internet along with examining the security systems
of the computer for uncovering of the occurrence of the new vulnerabilities (AlHogail 2015).
The information security program of this organization should also involve the further
construction of software in a defensive manner. It should also involve the development of a
strong recovery plan for ensuring that all the activities taking place in the organization continues
to maintain its existence in the events like that of a disaster or a loss or the accessibility of the
confidential information by the concerned personnel.
The guidelines of the risk management involves the identification of risks, analysis of the
risks, controlling of the risk, financing of the risk as well as management of the claims which in
turn can be applied to the various problems or situations that take place within the organization
(Cavelty et al. 2016). The privacy of the confidential information is also maintained by the
organization as the information is communicated over the secure networks over the internet.
Some of the measures that can be involved in information security program are the utilization
of the password generators which could be utilized for the generation of the passwords by the
method of permutation of certain selected set of phrases or words. The password checkers must
be utilized as these are the tools responsible for the checking of the passwords on a regular basis
for the probability of guessing of the passwords. another measure that could be taken is the
limitation of the number of the attempts of login which can help in preventing the attackers from
their uncountable attempts of log in to the system and steal the sensitive data of the organization
INFORMATION SECURITY
This organization is also successful in the maintenance of both external as well as internal
data consistency as well as consistency of programs. The information security program of this
organization should include the application of encryption to the sensitive information of the
organization which will be delivered over the internet along with examining the security systems
of the computer for uncovering of the occurrence of the new vulnerabilities (AlHogail 2015).
The information security program of this organization should also involve the further
construction of software in a defensive manner. It should also involve the development of a
strong recovery plan for ensuring that all the activities taking place in the organization continues
to maintain its existence in the events like that of a disaster or a loss or the accessibility of the
confidential information by the concerned personnel.
The guidelines of the risk management involves the identification of risks, analysis of the
risks, controlling of the risk, financing of the risk as well as management of the claims which in
turn can be applied to the various problems or situations that take place within the organization
(Cavelty et al. 2016). The privacy of the confidential information is also maintained by the
organization as the information is communicated over the secure networks over the internet.
Some of the measures that can be involved in information security program are the utilization
of the password generators which could be utilized for the generation of the passwords by the
method of permutation of certain selected set of phrases or words. The password checkers must
be utilized as these are the tools responsible for the checking of the passwords on a regular basis
for the probability of guessing of the passwords. another measure that could be taken is the
limitation of the number of the attempts of login which can help in preventing the attackers from
their uncountable attempts of log in to the system and steal the sensitive data of the organization
8
INFORMATION SECURITY
and in turn the user accounts can get locked by the process of setting of the thresholds for the
login failures.
Along with this, the coordinate passwords should also be utilized. Moreover, the reports of
the utilization of data are produced. The detection of the attacks as well as the intrusions should
always be kept a track of. The various activities of the systems should recorded for the tuning of
the performances (Zhang et al. 2018). A set of actions as well as law enforcement must be
created. The reason behind the creation of accountability is the log in of the events with certain
information from the authorized as well as authenticated user.
Guidelines for information security certification and accreditation:
The certification and accreditation of the information security consists of optimization of
the information security. The various IT risks are minimized with certification and accreditation
of the information security. The process of certification and accreditation of information system
involves preliminary audit which is optional, certification audit of level 1 as well as level 2,
issuing of the certificate which is followed by the surveillance audit annually along with the
recertification. The various guidelines for certification and accreditation of the information
security are much needed for information security program in various organizations. The
certification and accreditation is obtained by this organization by the method of preparing,
establishing of scope, context and the objectives. The certification and accreditation of the
information security program can be obtained by holding an assessment of the risk that could
occur (Parsons et al. 2017). The risks related to the occurrence of the risks is the implementation
of various controls for the mitigation of the various risks which can result in the achievement of
certification and accreditation of the information security.
INFORMATION SECURITY
and in turn the user accounts can get locked by the process of setting of the thresholds for the
login failures.
Along with this, the coordinate passwords should also be utilized. Moreover, the reports of
the utilization of data are produced. The detection of the attacks as well as the intrusions should
always be kept a track of. The various activities of the systems should recorded for the tuning of
the performances (Zhang et al. 2018). A set of actions as well as law enforcement must be
created. The reason behind the creation of accountability is the log in of the events with certain
information from the authorized as well as authenticated user.
Guidelines for information security certification and accreditation:
The certification and accreditation of the information security consists of optimization of
the information security. The various IT risks are minimized with certification and accreditation
of the information security. The process of certification and accreditation of information system
involves preliminary audit which is optional, certification audit of level 1 as well as level 2,
issuing of the certificate which is followed by the surveillance audit annually along with the
recertification. The various guidelines for certification and accreditation of the information
security are much needed for information security program in various organizations. The
certification and accreditation is obtained by this organization by the method of preparing,
establishing of scope, context and the objectives. The certification and accreditation of the
information security program can be obtained by holding an assessment of the risk that could
occur (Parsons et al. 2017). The risks related to the occurrence of the risks is the implementation
of various controls for the mitigation of the various risks which can result in the achievement of
certification and accreditation of the information security.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9
INFORMATION SECURITY
Various trainings can be held along with the reviewing and the updating of all the
documents that are required and are important in the process of obtaining certification and
accreditation of the information security. The important document involves various policies of
information security, process of risk assessment of the information security along with various
processes for the treatment of the identified risks of the information security. The certification
and accreditation requires several number of the internal audits along with the certification or the
registration audits.
In other words, the processes of certification and accreditation focuses on the evaluation
of the information system security, determination of the risks that are related with the operations
of the information system. This organization named FuturePlus should choose the right standard
that will be a best match for this organization as the main focus of the certification is being able
to meet all the expectations and requirements of the customer by the process of enhancement of
the satisfaction along with the documenting of the quality of the processes of the organization.
The certification and accreditation of information security of this organization is important and is
very beneficial in the long run (Dehling et al. 2015). By this certification, various internal
methods of this organization will get improved leading to the organization being more effective
as well as efficient.
Additionally, the certification of the security of information also aims to focus on cyber
security as reports of stealing of the records of data is very common. Along with this, data breach
is very expensive both in reputation as well as financial terms. The certification and accreditation
performs an essential part in providing insights into the current procedures of the information
security and also provides ways as to how these particular procedures can be improved. The
certification and accreditation is useful in providing criteria as well as the framework for the
INFORMATION SECURITY
Various trainings can be held along with the reviewing and the updating of all the
documents that are required and are important in the process of obtaining certification and
accreditation of the information security. The important document involves various policies of
information security, process of risk assessment of the information security along with various
processes for the treatment of the identified risks of the information security. The certification
and accreditation requires several number of the internal audits along with the certification or the
registration audits.
In other words, the processes of certification and accreditation focuses on the evaluation
of the information system security, determination of the risks that are related with the operations
of the information system. This organization named FuturePlus should choose the right standard
that will be a best match for this organization as the main focus of the certification is being able
to meet all the expectations and requirements of the customer by the process of enhancement of
the satisfaction along with the documenting of the quality of the processes of the organization.
The certification and accreditation of information security of this organization is important and is
very beneficial in the long run (Dehling et al. 2015). By this certification, various internal
methods of this organization will get improved leading to the organization being more effective
as well as efficient.
Additionally, the certification of the security of information also aims to focus on cyber
security as reports of stealing of the records of data is very common. Along with this, data breach
is very expensive both in reputation as well as financial terms. The certification and accreditation
performs an essential part in providing insights into the current procedures of the information
security and also provides ways as to how these particular procedures can be improved. The
certification and accreditation is useful in providing criteria as well as the framework for the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10
INFORMATION SECURITY
system that are environmentally managed (Cram et al. 2017). Several kinds of environmental
practices can be improved by the certification and accreditation of information security.
Another step to gain certification and accreditation of the information security is the
making and the selection of the right choices of the body of certification as its one of the most
important steps towards the organization being more successful. Before the selection of a body
of certification, some of the factors must be checked like is the selected body of certification
accredited by the accreditation services as this is the only accreditation that is recognized by the
government which is concerned for providing the testing, certification as well as the inspection
of various services (Smith 2019). The reviews of the selected body of certification should be
checked online before finalizing the body of certification. The other factors that needs to be
checked are does the selected body of certification consists of a client portal or various other
resources available on their respective website along with the social following indicating towards
the engagement of people regarding the insights of their industry online or not.
For certification and accreditation of the information security, stakeholders are required
to be onboard for this organization as well as supporting this organization. The steps which are
involved are the viewing of the certification in the form of a partnership as it is very important
for the selected stakeholders of the organization to be very supportive as well as responsive
towards the organization (Hsu et al. 2015). The operations officer as well as the casual staff of
this organization that is meant for providing help to all the disadvantaged students all come
together to collaboratively work and make things happen in a better manner.
The next factor is the process of communication which indicates towards the good
process of communication among the members working in this particular organization and the
certification of the information security is beneficial in transforming the process of much
INFORMATION SECURITY
system that are environmentally managed (Cram et al. 2017). Several kinds of environmental
practices can be improved by the certification and accreditation of information security.
Another step to gain certification and accreditation of the information security is the
making and the selection of the right choices of the body of certification as its one of the most
important steps towards the organization being more successful. Before the selection of a body
of certification, some of the factors must be checked like is the selected body of certification
accredited by the accreditation services as this is the only accreditation that is recognized by the
government which is concerned for providing the testing, certification as well as the inspection
of various services (Smith 2019). The reviews of the selected body of certification should be
checked online before finalizing the body of certification. The other factors that needs to be
checked are does the selected body of certification consists of a client portal or various other
resources available on their respective website along with the social following indicating towards
the engagement of people regarding the insights of their industry online or not.
For certification and accreditation of the information security, stakeholders are required
to be onboard for this organization as well as supporting this organization. The steps which are
involved are the viewing of the certification in the form of a partnership as it is very important
for the selected stakeholders of the organization to be very supportive as well as responsive
towards the organization (Hsu et al. 2015). The operations officer as well as the casual staff of
this organization that is meant for providing help to all the disadvantaged students all come
together to collaboratively work and make things happen in a better manner.
The next factor is the process of communication which indicates towards the good
process of communication among the members working in this particular organization and the
certification of the information security is beneficial in transforming the process of much
11
INFORMATION SECURITY
smoother communication (Bhattarai et al. 2016). It is followed by Stage 1 and the development
of a management system. It is then followed by the stage 2 audit. This organization possesses
good communication and this all factors leads to the certification and accreditation of it which
needs to be included in information security program of this organization for preserving
security of their data.
Conclusion
It can be understood that designing an information security program is very necessary for the
organization like these which are mend for providing support to the disadvantaged students like
payment of their tuition fees as well as providing them with accommodation as well. The
confidential data of this organization like the details of the donor along with their amount of
donation and the details of the candidates getting help from this organization should be kept safe
and secure as it is communicated over the internet so the data does not gets stolen by any
unauthorized user. In this report the information security program has been mentioned along with
the analysis of the several guidelines for the risk management of information security and the
guidelines for certification and accreditation of the information security as maintaining the
security of the information of an organization is important and measures should be taken to
maintain it.
INFORMATION SECURITY
smoother communication (Bhattarai et al. 2016). It is followed by Stage 1 and the development
of a management system. It is then followed by the stage 2 audit. This organization possesses
good communication and this all factors leads to the certification and accreditation of it which
needs to be included in information security program of this organization for preserving
security of their data.
Conclusion
It can be understood that designing an information security program is very necessary for the
organization like these which are mend for providing support to the disadvantaged students like
payment of their tuition fees as well as providing them with accommodation as well. The
confidential data of this organization like the details of the donor along with their amount of
donation and the details of the candidates getting help from this organization should be kept safe
and secure as it is communicated over the internet so the data does not gets stolen by any
unauthorized user. In this report the information security program has been mentioned along with
the analysis of the several guidelines for the risk management of information security and the
guidelines for certification and accreditation of the information security as maintaining the
security of the information of an organization is important and measures should be taken to
maintain it.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 15
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2026 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.