CIS 502 Elements of a Security Program Strayer University

Preview (4 of 13 Pages)

100%

Purchase to unlock

Loading page image...

Running head:Elements of a Security ProgramElements of a Security ProgramDonald ShipmanStrayer UniversityCIS 502Prof. AdebiayeJune 10, 2012Describe the key components of an information security program for a midsized organization,highlighting the importance of risk management, policy development, and contingency planning.How do these components work together to ensure the protection of proprietary data andcontinuity of operations?Word count requirement: 800-1000 words

Loading page image...

AbstractThe following paper describes the design of an information security program for a midsizedorganization of roughly 1000 local and remote employees. There are several essentialcomponents to creating a security program that include creating a policy, managing risk, life-cycle planning, contingency and disaster planning, awareness training and auditing. A solidsecurityprogram is vital to protecting the proprietary data of an organization from both internaland external attacks in addition to having an organized plan to maintain productivity and recoverin the event of an unforeseen disaster. The combination of knowledge, technology, awarenessand accountability help to ensure a successful program.

Loading page image...

IntroductionInformation security is a key aspect in an organization of any size. The perception of manycompanies is that information security is only necessary as a matter of legal requirements. Manyfeel that because of the nature of the business that their company handles, they would not betargeted for any type of attack or be subject to any serious issues. This concept is a big mistake.The information that is provided in the policy will not only outline the policy, but also relay themessage of its importance.PolicyThe policy portion of the program of the organization in all forms(written, spoken,recorded, or printed) is protected from unauthorized change for the duration of its life cycle andincludes the physical hardware as well as any software that will be used to store, process, andsend proprietary data. Each department level will have developed details of how the policyapplies to that specific department, but will be consistent with the overall policy. All systemsmust be compliant with policies after the policy effective date and any systems not in complianceshould be brought up to the required level as soon as is practical.System users may not display, downloador email attachment, images, messages andcartoons of a sexual nature, ethnic slurs, racial comments, or anything considered harassing ordisrespectful. Attachments from received emails should not be opened unless known (ourcompany internal only) or expected, or are of the nature of specific business related formatting.(Goodchild, 2012)All internet data that is written, sent, or received through the computer systemof the organization are considered the intellectualproperty of the company.(Goodchild, 2012)Care should be taken that the information that is in any and all internet email messages and othersuch transmissions are accurate, business appropriate, legal and ethical. The equipment, services

Preview Mode

This document has 13 pages. Sign in to access the full document!

Report

Study Now!

Document Details

Related Documents

CIS 502 Threats to Information Security

DevOps and Its Importance Study Notes

Veeam Certified Engineer VMCE-V12

Modules 1 - 3 Basic Network Connectivity and Commu

Notes CCNA

CCNA 200-301 Portable Command Guide 5th Edition 20

CCNA 200-301 Portable Command Guide 5th Edition 22

CCNA 200-301 Portable Command Guide 5th Edition 36

Foundations of Novell Networking Section 26

Modulo 7 DHCPv4

Company

Explore

Study Tools