Due in Week Nine: Write 3 to 4 paragraphs giving a bottom-line summary of the specific measureable goals and objectives of the security plan, which can be implemented to define optimal security architecture for the selected business scenario.
Sunica Music and Movies will be implementing the best and affordable security measure and disaster recovery plan that is available. Our company will install the best firewall and security that will ensure that our customers and our company data are protected. We seek to maintain and recruit customers. We will always maintain confidentiality, availability, intertgity. By doing so, we shall and will keep the best computer systems and security that is available. Our goals are to expand our locations
…show more content…
2 Integrity
Give a brief overview of how the policy will provide rules for authentication and verification. Include a description of formal methods and system transactions.
Integrity keeps data pure and trustworthy by protecting system data from intentional or accidental changes. Integrity has three goals to prevent unauthorized users from making modifications to data or programs. To prevent authorized users from making improper or unauthorized modifications. To maintain internal and external consistency of data and programs.
3 Availability
Briefly describe how the policy will address system back up and recovery, access control, and quality of service.
Availability keeps data and resources available for authorized use, especially during emergencies or disasters. This policy will address common challenges to availability. Denial of Service this is due to intentional attacks or because of undiscovered flaws in implementation. The policy will address loss of information system capabilities because of natural disasters. The policy will also focus on equipment failures during normal use.
Disaster Recovery Plan
Due in Week Three: For your selected scenario, describe the key elements of the Disaster Recovery Plan to be used in case of a disaster and the plan for testing the DRP.
1 Risk Assessment
1 Critical business processes
List the mission-critical business systems and services that
All companies in today’s world need a disaster recovery plan in place to prevent risks of losing important information that may lead to loss of business, privacy issues and disruption in everyday operation. Each company, however, basing on the types of information housed and structure of the company can have different disaster recovery plans in place. There is not a one-size-fit-all plan out there that satisfies every company’s purpose. In this case, our client is a medium-sized federal contractor in need of a plan for system and network recovery with special stress on the need of natural disaster prevention measures. In the subsequent sections we will detail the objectives of the disaster recovery plan, scope and capability of the plan and
Policies are documents within the work place put together, influenced by law, by the manager. The policy will be designed around an area of practice that needs to be evidenced as being in line with law. The document gives a list of procedures for carrying out the task required,
A policy is a file or document that guides the service providers with principles on their how the
A Disaster Recovery Plan (DRP) focuses on the recovery of IT systems, applications, and data in the
“A policy is a statement of guidelines or rules on a given topic. A procedure describes the steps used to perform a given task or project.” (1) Tennessee
Due in Week Seven: Outline the Access Control Policy. Describe how access control methodologies work to secure information systems
Another step involves security checks upon implementation and describes agency-level threat to the business scenario or the mission. It similarly entails sanctioning the information system for processing and lastly constant monitoring of the security controls. FISMA and NIST's standards are aimed at offering the ways for agencies to achieve their identified missions with safety commensurate with the threat (United States Department of Agriculture, 2015). Together with guidelines from the Office of Management and Budget (OMB), FISMA and NIST create a framework for advancing and growing an information security scheme (SecureIT, 2008). Such framework includes control descriptions and evaluation, program development, and system certification and accreditation. The final objective involves conducting daily functioning of the agency and achieving the agency's articulated objectives with sufficient security commensurate with risk.
5. Of the three Systems/Application Domain risks, threats, and vulnerabilities identified, which one requires a disaster recovery plan and business continuity plan to maintain continued operations during a catastrophic outage? The mainframe or complete data loss. This should have an extensive DRP.
In this assignment, I will go over the different items related to the disaster recovery plan. I will go over the purpose of the plan, explain the key elements that go into a plan, the methods of testing the plan, and why we test the plan. All while explaining why the disaster recovery plan is so critical to businesses in the event of an emergency.
The following document is a sample Acceptable Use Security Policy using the outline identified in the Security Policy Template. The purpose of this sample document is to aid with the development of your own agency Acceptable Use Security Policy by giving specific examples of what can be performed, stored, accessed and used through the use of your departments computing resources.
|Review of Informational |Whether the Information Security Policy is|The security policy |Without the review of |Each policy should be |
Discuss the importance of disaster recovery and/or business continuity planning with respect to maintaining the confidentiality, integrity, and availability of information and information systems.
This Disaster Recovery Plan (DRP) describes the strategy and procedures for recovering vital information systems, records and data should a disaster substantially disrupt operations.
| |1. Obtain and study a copy of the client's policies |BZ |6/12/OX |N/A | |
Availability: Ensuring that systems and data are accessible to authorized users when they need it.