logo

Information Security Policy - Assignment

   

Added on  2022-08-26

6 Pages1126 Words20 Views
Running Header: SECURITY POLICY 1
INFORMATION SECURITY POLICY
Name
Institution
Date

INFORMATION SECURITY POLICY 2
The formal security policies and a security plan. Include the following policies in your IT
security policy:
The company’s Information Security Policy and guidelines acts as foundation for the
organization in guarding the privacy, reliability, and availability, organizing and managing
confidential data. The policy is an all-inclusive Information Security document which
comprises of all parts of Information Security and, set prevalence of computerized information
handling techniques, predominantly in regard to Information technology safety.
The organization of Information Security Policy is in line with safety measures which
have been put in place to protect and offer easy linkage between the standard’s requirements
and associated the firm’s policy statements.
Purpose
The supervision of data Security is the realistic selection and successful implementation
of proper measures to guard vital organization data assets. Controls and management methods,
coupled with the subsequent monitoring of their effectiveness and appropriateness. The three
objectives of Information Security contain:
Integrity
Confidentiality
Availability
The direction enclosed in Regulation needs the firm’s Staff to exercise the highest
carefulness with respect to all issues of formal business. The staff are required not talk to any
entity, Government, individual or any different source of data known to them through their
official post unless they gain approval of the company’s head. That direction is supported and
implemented by this Policy. This Policy lay rules for the protection of information, smoothing

INFORMATION SECURITY POLICY 2
security management judgements, and guiding those objectives which create, encourage, and
safeguard best Information Security direction and management within the company’s working
environment.
Scope
Data shall be categorized and classified in terms of its legal requirements, value,
criticality and sensitivity, to the company. Correct procedures for handling and labeling
sensitive data shall be established and implemented. Such measures may include special
handling front-runners or other distribution cautions such as ’internal use only’ and ’in-
confidence’(RA,et al,2017).
1. Disaster recovery
Constructing security into the disaster recovery
Duplicating the security structure, may be more challenging than it may firstly appear.
The network at the primary position will hold servers , routers, firewalls, and the disaster
recovery location may be structured in precisely the same manner. Just installing a similar
apparatus in the same configuration is not enough. Therefore the company will require that all of
devices used for accessing the data to have back up plan and updated security guidelines within
them and these guidelines must be updated regularly , every time the user or applications are
added, removed or amended (Neumann,2014).
2. Password creation and protection
Computing system shall be secured by passwords. The account owners as well as system
managers shall guard the security of those code word by handling the passwords in an
accountable manner. System developers shall build systems which store or convey password

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Planning Details for Network Security, Backup, Disaster Recovery and Maintenance Schedule
|3
|793
|79

Implementation of CIA
|4
|768
|382

Information System Control and Auditing | Case Study Report
|9
|1574
|16

Sunshine 100 Social Media Policy
|7
|224
|156

Security Policy and Recommendations for Dealing with Cyber Crime
|7
|1182
|64

Threat Categories for Information Security: Prevention and Detection Techniques
|13
|1796
|257