Ask a question from expert

Ask now

Information Security Management- Assignment

8 Pages1556 Words188 Views
   

Added on  2020-04-15

Information Security Management- Assignment

   Added on 2020-04-15

BookmarkShareRelated Documents
Running head: POLICY DOCUMENT ON INFORMATION SECURITYPolicy document on Information security management and compliance(University of Hertfordshire)Name of the student:Name of the university:Author Note
Information Security Management- Assignment_1
1POLICY DOCUMENT ON INFORMATION SECURITYPolicy Document on Acceptable Use Policy (AUP)1. Background towards developing the policy:The policy document is the continuation of analysis and identification of the risks regardingthe current security policies and set up. It is also found from the analysis of the current system thatthere have been various risks related to the system that are still needed to be addressed or solved.The policies were needed to be modified, and various new steps are taken to address the relatedrisks. The policy demonstrated the AUP or Acceptable Use Policy. It also includes the lines of theISO27000 family. It also links the BYOD, or the “Bring Your Device Policy” to the AUP. All theintegrities, confidentialities and the availabilities of the challenges information assets are analyzedhere. 2. Purpose: The BYOD program involves the students and parents to bring their mobile devicessupporting the learning and teaching tasks. For the program, the mobile device indicates the student-owned device like the laptop, iPod touch, suitable phone and tablet. It must be reminded that thepersonal gaming devices are not permitted in the program. This risk analysis policy has documented the authority of University of Hertfordshire forconducting the investigations and taking actions as needed to analyze the risks in the university. Itintends to mitigate the measures for reducing, eliminating and managing the risks. The documentspecifies when and how the risk analysis could be done and who have been behind thoseresponsibilities. Further, the policy determines how the risks could be identified for remediating it. Itis conducted keeping the authority of the Chief Security Officer.
Information Security Management- Assignment_2
2POLICY DOCUMENT ON INFORMATION SECURITY3. Scope: This policy applies to every data and systems on the organizational network operated orowned by the university. The policy is efficient since the date issues never expire till it getssuperseded by any other policy. However various risks analysis is particular to the system, the entirerisk to the organization is needed to be considered. Moreover, the general risk analysis of theuniversity functions is evaluated periodically like the risks to the network. 4. Term Definitions:Risk: The chance of an undesirable outcome along with the harm that could occur. Risk assessment: This is the analysis of every possible risk with the implemented and non-implemented solutions for managing, eliminating and reducing the risks. Threat: It could be accidental, deliberate or result from any nature. 5. Risk Assessment Participants and Skills:The staff members must perform the risk analysis. They must be familiar with the securityand technology. The leader here must be the security officer. The technical support staff and thebusiness owners must supply the information of risk assessment. 6. The risk assessment method:This method is defined with the risk analysis process. It needs to be upgraded as needed. Thereason behind this is the outcomes of incidents and audits.
Information Security Management- Assignment_3

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
What is Network Security? Defined
|7
|381
|17

Key Elements of Good Information Security System
|3
|362
|20

Concepts of information security assignment
|6
|1366
|215

BYOD Policy Threats and Security Strategies for Cybersecurity
|11
|2820
|426

Aztek Risk Management & Assessment
|18
|5082
|30

Cyber Security: Risks and Solutions for South Cross University
|12
|2052
|467