Bundle: Management Of Information Security, Loose-leaf Version, 6th + Mindtap Information Security, 1 Term (6 Months) Printed Access Card
6th Edition
ISBN: 9781337750790
Author: Michael E. Whitman, Herbert J. Mattord
Publisher: Cengage Learning
expand_more
expand_more
format_list_bulleted
Question
Chapter 4, Problem 2E
Program Plan Intro
Information security policy defines the set of rules of all organization for security purpose.
- It helps the employees what an organization required, how to complete the target and where it wants to reach.
- It helps to manage data access, web-browsing behaviors, passwords usage and encryption, email attachments, etc.
- It is designed to provide structure in the workplace, create a productive and effective work place.
- It is free from unnecessary distractions.
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solution
Students have asked these similar questions
Check your institution's intranet or website for security guidelines. Exists a company security policy? Where have you seen security policies adapted to a specific issue? Which agency or department issues or coordinates these policies, or are they dispersed?
Use the framework in this chapter to assess the policies discovered in the previous exercise. What are the gaps?
Search your institution's intranet or Web site for its security policies. Do you find an enterprise security policy? What issue-specific security policies can you locate? Are all of these policies issued or coordinated by the same individual or office, or are they scattered throughout the institution?
Using the framework presented in this chapter, evaluate the comprehensiveness of each policy you located in Exercise above Which areas are missing?
To learn more about your institution's security rules, look them up on the intranet or website. Is there a corporate security policy somewhere? Where have you come across security rules that are tailored to address a particular problem? What agency or department is in charge of issuing or coordinating all of these policies, or are they dispersed across the organization?
Use the framework provided in this chapter to determine whether or not the policies you found in the preceding exercise are complete. What are the omissions in these areas?
Chapter 4 Solutions
Bundle: Management Of Information Security, Loose-leaf Version, 6th + Mindtap Information Security, 1 Term (6 Months) Printed Access Card
Knowledge Booster
Similar questions
- What are the types of traditional security Model?arrow_forwardA security mechanism is a method, tool or procedure for enforcing a security policy. (a) What are the different types of mechanisms that can be used to secure the system? Give ONE (1) example for each mechanism.arrow_forwardTo what extent does the company's policy on information sharing apply in the event of a breach in its information security system?arrow_forward
- A security mechanism is a method, tool or procedure for enforcing a security policy. (a) How would you secure the system? Give ONE (1) example for each mechanism.arrow_forwardExplain the CNSS security Model. What are the three dimensions of it?arrow_forwardAppropriate Security Policies and their continuous enforcement are required. Why is it vital to design, execute, and maintain security policies?arrow_forward
- In comparison to information security standards, does security policy vary in that it is considered as static or dynamic? Was there anything in particular that might have had a role in causing this situation?arrow_forwardWRITE Security Awareness and Training policy in the NIST Cybersecurity that include : • Policy Definition: • Purpose • Scope • Target Audience or Applicability • Objectives: • Standard • Roles and Responsibilities • Procedures and Guidelines • Compliance and Enforcement • Non-Compliance and Exceptionsarrow_forwardExplanation in detail of the major security management concepts and underlying security management principles.arrow_forward
- At any given time, what is the state of an organization's security?arrow_forwardWhen compared to information security standards, does security policy vary in that it is seen as static or as dynamic evolving? If this scenario is to be determined, what factors need to be considered?arrow_forwardDoes security policy differ in that it is regarded static or dynamic in contrast to information security standards? What variables may have a role in determining this situation?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781285867168Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning