Principles Of Information Security, Loose-leaf Version
6th Edition
ISBN: 9781337685757
Author: Michael E. Whitman, Herbert J. Mattord
Publisher: Cengage Learning
expand_more
expand_more
format_list_bulleted
Expert Solution & Answer
Chapter 11, Problem 18RQ
Explanation of Solution
Relationship between organization and temporary employees:
- Relationship: Temporary employees do not work for a company instead they are considered as paid employees of a temporary agency.
- Security precautions: Temporary employees’ access gets limited. They can access only the essential information or resources that are necessary for their particular work.
- The company has sign nondisclosure agreement and fair use policies and the supervisor make sure that all employees must follow security practices in order to avoid information leakage.
Relationship between organization and contract employees:
- Relationship: Contract employees are hired to carry out specific services. They work in the company until the job gets completed. Here, the organization makes contract with another company rather than making contract with the particular employee...
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solutionStudents have asked these similar questions
Why is company information confidentially important? What types of mistreatment come to mind in the absence of confidentiality controls? What illicit acts may be curtailed or stopped if confidentiality rules were properly put into place?
How do you define job security?
Of the case that there is a breach in a company's security, what steps should be taken?
Chapter 11 Solutions
Principles Of Information Security, Loose-leaf Version
Ch. 11 - Prob. 1RQCh. 11 - Prob. 2RQCh. 11 - Prob. 3RQCh. 11 - Prob. 4RQCh. 11 - Prob. 5RQCh. 11 - Prob. 6RQCh. 11 - Prob. 7RQCh. 11 - Prob. 8RQCh. 11 - Prob. 9RQCh. 11 - Prob. 10RQ
Ch. 11 - Prob. 11RQCh. 11 - Prob. 12RQCh. 11 - Prob. 13RQCh. 11 - Prob. 14RQCh. 11 - Prob. 15RQCh. 11 - Prob. 16RQCh. 11 - Prob. 17RQCh. 11 - Prob. 18RQCh. 11 - Prob. 19RQCh. 11 - Prob. 20RQCh. 11 - Prob. 1ECh. 11 - Prob. 2ECh. 11 - Prob. 3ECh. 11 - Prob. 4ECh. 11 - Prob. 5ECh. 11 - Prob. 1CEDQCh. 11 - Prob. 2CEDQCh. 11 - Prob. 1EDM
Knowledge Booster
Similar questions
- Interns who appear to be violating many security policies are confronted by the CISO, who hears their complaints. The company claims its employees don't encrypt their computers, listen to music without a license, share files between work and personal devices, waste too much time on social media, and illegally access pornographic material. The CISO suggests drafting a security document (Rules of Behavior) with at least 15 rules outlining the conduct that is and is not acceptable on the company's network.arrow_forwardSusan is the lead investigator for a security incident and realizes that she will not be able to complete her investigation without causing severe disruption to the business. The action she feels she must take exceedsthe authority granted to her under the incident response plan. What should Susan do? a)Shut down all business operations immediately until she develops a plan b)Take the action immediately to protect the business c)Discount the action as a possibility because it exceeds her authority d)Consult with higher levels of managementarrow_forwardSecurity breaches in information systems are very commonplace these days even though some organizations have what they believe is good security controls. Because of their vulnerability to threats from hackers, internal personnel, and poor management of Hardware and software devices, security controls always need revisiting.From my perspective as manager of the Accounts and Finance department, every security breach affects this department even if it is just down time to be at meetings, to discuss strategies and costs to repair damages. When the breaches occur, unauthorized access is gained to either, do something malicious to the organization's resources to steal or sabotage data for financial gain.This usually results in the company's reputation/integrity being damaged, Loss of revenue during downtime, high costs to repair and restructure. legal ramifications are expected as well if guilty persons are found or if customers decide to sew for breach of contract and losses.Two Reasons…arrow_forward
- When conducting a criminal investigation, why is it essential to keep detailed records? Create a list of the bare minimum of paperwork needed for any investigation that doesn't involve a computer.arrow_forwardSubject: Risk management 1. Why is there a need for employees to be involved in providing feedback to management about safety and security procedures? 2. How is providing feedback to management about safety and security procedures occur?arrow_forwardPlease list all the many elements that go into the creation of security systems.arrow_forward
- C. List the components of PKI, then describe each component and its function. What are certification and accreditation when applied to information systems security management? List and describe at least two certification or accreditation processes. You've been hired by an investment company with 500 employees to serve as their Information Systems Security Manager. Your first task from the Chief Information Officer is to write a series of policies and procedures as the company has nothing in place. Where is a good place to start your research? List at least 3 policies and procedures that you would work on first and explain why these three should be considered early. Recommend a password policy. If the C.I.A. triangle is incomplete, why is it so commonly used in security? Explain what value an automated asset inventory system has for the risk identification process?arrow_forwardA number of authorities in the field of information technology security are of the opinion that businesses might significantly improve their levels of protection by employing individuals who have previously worked as hackers in the capacity of consultants. Is that what you consider to be the case? Is this an acceptable reason or an unacceptable one?arrow_forwardWhat are the primary responsibilities of the CISO, the security manager, and the security technician, respectively?arrow_forward
- What are the most important IT security issues facing companies today? Have these changed over the last five years and do you think they'll continue to change? How should companies prepare themselves for security threats in the future?arrow_forwardWhat actions should be performed if there is a breach in a company's security?arrow_forwardHow should a corporation handle a security breach?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage LearningPrinciples of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
- Information Technology Project ManagementComputer ScienceISBN:9781337101356Author:Kathy SchwalbePublisher:Cengage LearningPrinciples of Information Systems (MindTap Course...Computer ScienceISBN:9781285867168Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Information Technology Project Management
Computer Science
ISBN:9781337101356
Author:Kathy Schwalbe
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning