Information Assurance: Ethical Security, Audits, Logging and Accidents


Added on  2023/03/30

AI Summary
This report delves into the critical aspects of information assurance within an organization, specifically focusing on the ethical and legal considerations surrounding security monitoring of employee internet usage. It analyzes how organizations balance security needs with employee privacy, highlighting potential ethical and legal pitfalls. The report further explores the importance of audits and logging management processes in detecting system misuse and security incidents, emphasizing their role in regulating organizational security policies. A key component is the formulation of an incident response plan, outlining the steps to recover from malware attacks, including creating a taskforce, analyzing the cause of the attack, and implementing updated security measures. Finally, the report analyzes the essential requirements in the event of accidents, such as communication protocols, operational tools, and potential legal actions. The report concludes by emphasizing the necessity of balancing security measures with ethical considerations to protect both the organization and its employees.
Document Page
Running head: INFORMATION ASSURANCE
INFORMATION ASSURANCE
Name of the Student
Name of the University
Author Note
Table of Contents
1. Introduction
2. Discussion
2.1. Analysis of ethical and legal considerations related to security monitoring
2.2. Analysis of audits and logging management process
2.3. Forming an incident response plan
2.4. Analysis of requirements in the events of accidents
3. Conclusion
4. References
1. Introduction
The employees of an organization need access to the internet for personal business
purposes. Sometimes an employee can access malicious websites by mistake, and
information about the system can leak out through this process. Various organizations track
the internet usage of their employees to control this kind of situation. This report will analyze
the ethical and legal considerations related to security monitoring, along with forming a
response plan for the situation.
2. Discussion
2.1. Analysis of ethical and legal considerations related to security monitoring
The employees of an organization have access to the internet system of the
organization. The system of the organization can be affected by malware if any employee
accesses malicious websites from the system. Some organizations track the internet usage of
their employees for this purpose. This method can be said to be unethical, as the privacy of an
employee is hampered by this organizational policy. It is illegal according to some standards,
as the privacy of an individual is hampered by the application of this policy (Chen et al.
2015). Organizations should inform their employees about the privacy policies of the
organization to avoid unethical and illegal monitoring of data.
2.2. Analysis of audits and logging management process
Audits help to detect penetration of the computer system of any organization, and
misuse of the system is also identified by this process. Logging is the
process by which the data about this kind of accident is tracked (Jans, Alles and Vasarhelyi
2014). These two processes investigate the security incidents which are probable. The
investigators take help from the data tracked by these two processes. It also helps to regulate
the security policy of the organization. Audits can track the handling of sensitive information
inside an organization. If any employee is related to illegal handling of sensitive data, then
that particular employee can be easily tracked using these methods.
2.3. Forming an incident response plan
An incident response plan is the process of recovering from a malware attack on the
computer system of an organization. A taskforce consisting of IT technicians should be
created as a response to the attack to prevent further effects of the attack. The cause of the
attack should be analyzed by the technicians, and they should identify the cause of the attack
(Luttgens, Pepe and Mandia 2014). Network access should be disabled for every
employee, and a new type of security software should be installed in the system by the
technicians. Identification of the cause would help to reduce the chances of a future attack on
the computer system.
2.4. Analysis of requirements in the events of accidents
There are some requirements which should be followed during the accident. These
requirements are analysis of the cause of the attack, communication between the technicians
and the higher authority of the organization, operational tools and software for potential
searching of the cause of the accident, and taking legal steps against the employees involved
with the case (Angelini, Prigent and Santucci 2015).
3. Conclusion
The conclusion which can be drawn from the above report states that the computer
system of an organization can be affected by malware attacks. The employees have access
to the internet inside an organization, and malware can enter through the internet system of
the organization. Some organizations track the internet usage of their employees for this
purpose. If the organization tracks the internet usage of its employees without the prior
knowledge of the employees, then it can be a highly unethical and illegal issue.
4. References
Angelini, M., Prigent, N. and Santucci, G., 2015, October. Percival: proactive and reactive
attack and response assessment for cyber incidents using visual analytics. In 2015 IEEE
Symposium on Visualization for Cyber Security (VizSec) (pp. 1-8). IEEE.
Chen, Y.A.N., Ramamurthy, K.R.A.M. and Wen, K.W., 2015. Impacts of comprehensive
information security programs on information security culture. Journal of Computer
Information Systems, 55(3), pp.11-19.
Jans, M., Alles, M.G. and Vasarhelyi, M.A., 2014. A field study on the use of process mining
of event logs as an analytical procedure in auditing. The Accounting Review, 89(5), pp.1751-
1773.
Luttgens, J.T., Pepe, M. and Mandia, K., 2014. Incident response & computer forensics.
McGraw-Hill Education Group.