Introduction. After Reading Over The Current Service Level

1064 WordsFeb 24, 20175 Pages
Introduction After reading over the current Service Level Agreement (SLA) between Finman Account Management, LLC, and Datanal Inc, and Minertek, evidence was found that none security standards necessary to protect all parties are addressed within the document. The following information technology security standards are the recommended to protect all parties involved and should be applied to the SLA in this case. Finman Account Management, the chief concern is to provide guidelines within the SLA that address data protection, authorized use, sharing of data, and retention/destruction of data. Furthermore, Finman is devoted to protecting intellectual property, patents, and copyright while also safeguarding physical property. Statement of…show more content…
(6) “Appropriate technical and organizational measures shall be taken against unauthorized or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.” (Key Definitions Of The Data Protection Act | ICO, 2015). Authorize Use, Retention, Sharing, Destruction. The primary focus for Finman’s corporate data is limiting the retention, sharing, use and destruction by Minertek and Datanal. An IT alignment strategy will match each organization’s capabilities, resources, strengths, and risks to formulate strong goals from each partner to align. The standards and procedures proposed above ISO/IEC 20000 explain best practice for service management. ISO/IEC 20000 provides the approach for establishing best management practices which include establishing policies and procedures to provide proper information assurance for data, cyber security awareness training and risk management. Cybersecurity awareness training will reduce the chances of risks occurring between the three parties engaging in any active outside the best practices of the ISO/IEC 20000, while also mitigating risks to employees and networks. Once training has been completed each company will be responsible for the unauthorized retention, sharing, use and destruction of Finman’s corporate data. Furthermore, the core of Finman’s corporate data
Open Document