Ask a question from expert

Ask now

SBM4304 IS Security and Risk Management

13 Pages2597 Words34 Views
   

IT Security and Risk Management (SBM4304)

   

Added on  2020-02-24

SBM4304 IS Security and Risk Management

   

IT Security and Risk Management (SBM4304)

   Added on 2020-02-24

BookmarkShareRelated Documents
REPORT
SBM4304 IS Security and Risk Management_1
ContentsIntroduction......................................................................................................................................2Content of the Security Policy.........................................................................................................2Security Model for IT......................................................................................................................3Security standards and controls.......................................................................................................4Risk analysis and contingency planning..........................................................................................5General management controls and application controls for IS........................................................7Security Principles...........................................................................................................................8Analysis of IT threats, vulnerabilities and tools including social engineering................................9importance of auditing IS and safeguarding data quality..............................................................10References......................................................................................................................................12
SBM4304 IS Security and Risk Management_2
IntroductionThe IT security for Cisco is based on the computer systems from the theft or damage to handle the hardware, software or information with the disruption or the misdirection of the services, as and when they provided. The cyber security is included in the organisation with control of the physical access to the hardware and protecting the harm that comes through the network access, data and the code injection. The information security means to protect the data and the information system that comes from any of the unauthorised access, or the use, disclosure or the disruption. The information security management for Cisco is defined for controlling the securityand protecting the different information assets. The implementation of the information security isto argue and work towards the monitoring of the scree with secured knowledge. The operating systems are considered to seek for the beginning of the implementation of the security program and the objectives. Content of the Security Policy The security policy is based on the program to implement the information with the real proof of concepts and the explanation to be displayed on the monitoring screen. (Gerber et al, 2016). The OS passwords are then stored with proper acknowledgement of protecting the company and the assets for Cisco, the management of the risks is mainly through the identification of the assets and then working over the discovery of the same, with its proper estimation. One needs to provide with the proper security activities which are through framing of the information, procedures and setting the guidelines based on the baseline format. There are pogroms which are important for determining the security programs which includes:
SBM4304 IS Security and Risk Management_3
A.The top down approach where there is a proper initiation, management and the support which comes from the top management and the work is handled through the middle management.(Diffie, 2016).B.The bottom up approach is for securely handle the program without any extra support anddirection.The advancement of the procedures is based on effectively handling the communication with the use of security control programs. They are designed for the developing and then publishing the policies, standards and the procedures. Security Model for ITThe best security model is the organisational based access control (OrBAC) for Cisco which is for the accessing of control that rests on the subject, action and the object. It is mainly to control the access of the policies with the specifications related to the permission to realize about the actions on a particular object. The OrBAC works on allowing the policy designer to properly define the security policy which is based on the implementation plan. The methods are chosen with the fulfillment of the goals and subjects which are abstracted into the roles. The activity includes the different set of actions which relates to the same security rule. The view includes thedifferent sets of the objects to identify about the security rules. (Ament & Haag, 2016).
SBM4304 IS Security and Risk Management_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Information Security Policy Compliance Model
|12
|2946
|13

Security of Emerging Connected Systems Assignment PDF
|17
|3637
|141

BYOD Implementation and Risk Management
|11
|2509
|384

Cyber Security and Cyber Resilience: A Board of Directors' Guide
|9
|2583
|350

Asset Security and Risk Management for Charles Darwin University
|8
|581
|475

Personality Traits, Communication Skills, and Conflict Management: A Self-Analysis
|16
|3473
|184