Information Security Policy Compliance Model
Added on 2022-08-31
12 Pages2946 Words13 Views
|
|
|
Running head: INFORMATION SYSTEM
INFORMATION SYSTEMS
Name of the Student:
Name of the University:
Author Note:
INFORMATION SYSTEMS
Name of the Student:
Name of the University:
Author Note:
INFORMATION SYSTEMS1
Table of Contents
Introduction................................................................................................................................2
Importance of Information Security...........................................................................................2
Confidentiality........................................................................................................................5
Integrity..................................................................................................................................6
Availability.............................................................................................................................6
Non Repudiation....................................................................................................................6
Accountability........................................................................................................................7
Authenticity............................................................................................................................7
Threats of Information Security.................................................................................................7
Responses to the threats.........................................................................................................8
Conclusion..................................................................................................................................9
References................................................................................................................................10
Table of Contents
Introduction................................................................................................................................2
Importance of Information Security...........................................................................................2
Confidentiality........................................................................................................................5
Integrity..................................................................................................................................6
Availability.............................................................................................................................6
Non Repudiation....................................................................................................................6
Accountability........................................................................................................................7
Authenticity............................................................................................................................7
Threats of Information Security.................................................................................................7
Responses to the threats.........................................................................................................8
Conclusion..................................................................................................................................9
References................................................................................................................................10
INFORMATION SYSTEMS2
Introduction
Information Security is practice to protect information by mitigation of information
risks. This is a risk management of information’s part. This involves typically reducing or
preventing probability of inappropriate or unauthorised use, access, disruption, disclosure,
destruction, deletion, modification, corruption, devaluation, recording or inspection.
However, it might involve reducing incidents’ adverse impacts. The information might take
any kind of form, such as electronic, tangible, physical or intangible. Information security’s
main focus is protection for integrity, confidentiality or availability of the data, along with
maintaining focus over policy implementation that is effective, without hampering the
productivity of the organization (Von Solms and Van Niekerk 2013).
It is achieved largely by risk management’s structured process which involves
evaluating risks, identification of information and all related assets along with potential
vulnerabilities, impacts and threats, deciding the procedure to treat or address the risks, which
is avoiding, mitigating, accepting or sharing them, where there is need of risk mitigation,
designing or selecting proper controls of security and implementing those and monitoring
activities, making the adjustments for addressing any kind of changes, issues and
opportunities for improvement (Peltier 2013).
Importance of Information Security
Information security is critical for every organization for protecting their business
data and also conducts the business. It could be defined as protection of system and
information and the hardware which store, transmit and use the information. Four essential
functions are performed by information security for organization that is protect ability for
functioning for the organization, enable applications’ sage operation which are implemented
on IT systems of the organization, protect data which is used and collected by the
Introduction
Information Security is practice to protect information by mitigation of information
risks. This is a risk management of information’s part. This involves typically reducing or
preventing probability of inappropriate or unauthorised use, access, disruption, disclosure,
destruction, deletion, modification, corruption, devaluation, recording or inspection.
However, it might involve reducing incidents’ adverse impacts. The information might take
any kind of form, such as electronic, tangible, physical or intangible. Information security’s
main focus is protection for integrity, confidentiality or availability of the data, along with
maintaining focus over policy implementation that is effective, without hampering the
productivity of the organization (Von Solms and Van Niekerk 2013).
It is achieved largely by risk management’s structured process which involves
evaluating risks, identification of information and all related assets along with potential
vulnerabilities, impacts and threats, deciding the procedure to treat or address the risks, which
is avoiding, mitigating, accepting or sharing them, where there is need of risk mitigation,
designing or selecting proper controls of security and implementing those and monitoring
activities, making the adjustments for addressing any kind of changes, issues and
opportunities for improvement (Peltier 2013).
Importance of Information Security
Information security is critical for every organization for protecting their business
data and also conducts the business. It could be defined as protection of system and
information and the hardware which store, transmit and use the information. Four essential
functions are performed by information security for organization that is protect ability for
functioning for the organization, enable applications’ sage operation which are implemented
on IT systems of the organization, protect data which is used and collected by the
INFORMATION SYSTEMS3
organization and safeguards the assets of technology that is used within the organization
(Crossler et. al. 2013). However, there are risks and challenges involved in implementation of
information security within organizations.
Information is an essential asset for the organizations. Information must be protected
appropriately. The security is for combining systems, internal controls and operation for
ensuring confidentiality and integrity of data and procedures of the operation within the
organization. Information security is used for protecting the data which is owned by an
individual or the organization from the risks or threats. Goal of information security is
building protection against attackers who could cause damage. Information security is
protecting information and the critical elements, which consists of systems and the hardware
which use, transmit and store the information. It is group of policies, management practices,
technologies and standards which are applied in information for keeping it secure.
Information security enables also applications’ safe operation which are implemented on IT
systems of the organization as for protecting the data, organization would install proper
software that must secure data like antivirus (Siponen, Mahmood and Pahnila 2014). Hence,
it is really crucial within the organization for protecting applications which are implemented
within organizations and also protect data which are stored within the systems. Along with
protecting the data, application which are installed must be protected also as it could
contribute in damages of information.
It would protect data which is used and collected by the organization. If data is left
not protected, anyone could access the data. If information falls in wrong hands, this could
drop business, destroy lives and could be used for doing harm. Programs of information
security would ensure that protection is provided to proper information, both requirements of
legal and business by taking necessary steps for protecting the data of the organization.
Additionally, steps are taken for protecting information of organization to maintain privacy
organization and safeguards the assets of technology that is used within the organization
(Crossler et. al. 2013). However, there are risks and challenges involved in implementation of
information security within organizations.
Information is an essential asset for the organizations. Information must be protected
appropriately. The security is for combining systems, internal controls and operation for
ensuring confidentiality and integrity of data and procedures of the operation within the
organization. Information security is used for protecting the data which is owned by an
individual or the organization from the risks or threats. Goal of information security is
building protection against attackers who could cause damage. Information security is
protecting information and the critical elements, which consists of systems and the hardware
which use, transmit and store the information. It is group of policies, management practices,
technologies and standards which are applied in information for keeping it secure.
Information security enables also applications’ safe operation which are implemented on IT
systems of the organization as for protecting the data, organization would install proper
software that must secure data like antivirus (Siponen, Mahmood and Pahnila 2014). Hence,
it is really crucial within the organization for protecting applications which are implemented
within organizations and also protect data which are stored within the systems. Along with
protecting the data, application which are installed must be protected also as it could
contribute in damages of information.
It would protect data which is used and collected by the organization. If data is left
not protected, anyone could access the data. If information falls in wrong hands, this could
drop business, destroy lives and could be used for doing harm. Programs of information
security would ensure that protection is provided to proper information, both requirements of
legal and business by taking necessary steps for protecting the data of the organization.
Additionally, steps are taken for protecting information of organization to maintain privacy
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents