Mcbride Finacial Security
McBride Financial Security Policy 1
Running Head: McBride Financial Security Policy
Homework Week 4, McBride Financial Security Policy
University of Phoenix
Introduction to Information Systems Security
CMGT/440
McBride Financial Security Policy 2
This document is to describe the Information Security requirements of Online Application Services and Application Service Providers that engage in business with McBride Financial Services. This policy applies to any use of Online Loan Applications (OLA) and any outsourcing to Application Service Providers (ASP) by McBride Financial Services, independent of where hosted. The Online Loan Application or Application Service Provider 's Sponsor must first establish that its project is an appropriate one for the OLA/ASP model, prior to engaging in any additional infrastructure teams within McBride Financial Services or any external Application Service Providers. The department wanting to use an Online Loan Application or any Application Service Providers service must confirm that the Application Service Providers chosen to host the loan applications of McBride Financial Services complies with this policy. The Business Function to be outsourced must be evaluated against the following. The requester must go through the OLA/ASP engagement process with the Information Security Department to ensure affected parties are properly engaged. In the event that McBride Financial Services data or loan applications are to be manipulated by, or hosted at, any ASP 's service, the ASP sponsor must have written, explicit permission from the data/application owners. A copy of this permission must be provided to the Information Security. The information to be hosted by an ASP must fall under the Minimal or More Sensitive categories. Information that falls under the Most Sensitive category may not be outsourced to an ASP. If the ASP provides confidential information to McBride Financial Services, the ASP
Running Head: McBride Financial Security Policy
Homework Week 4, McBride Financial Security Policy
University of Phoenix
Introduction to Information Systems Security
CMGT/440
McBride Financial Security Policy 2
This document is to describe the Information Security requirements of Online Application Services and Application Service Providers that engage in business with McBride Financial Services. This policy applies to any use of Online Loan Applications (OLA) and any outsourcing to Application Service Providers (ASP) by McBride Financial Services, independent of where hosted. The Online Loan Application or Application Service Provider 's Sponsor must first establish that its project is an appropriate one for the OLA/ASP model, prior to engaging in any additional infrastructure teams within McBride Financial Services or any external Application Service Providers. The department wanting to use an Online Loan Application or any Application Service Providers service must confirm that the Application Service Providers chosen to host the loan applications of McBride Financial Services complies with this policy. The Business Function to be outsourced must be evaluated against the following. The requester must go through the OLA/ASP engagement process with the Information Security Department to ensure affected parties are properly engaged. In the event that McBride Financial Services data or loan applications are to be manipulated by, or hosted at, any ASP 's service, the ASP sponsor must have written, explicit permission from the data/application owners. A copy of this permission must be provided to the Information Security. The information to be hosted by an ASP must fall under the Minimal or More Sensitive categories. Information that falls under the Most Sensitive category may not be outsourced to an ASP. If the ASP provides confidential information to McBride Financial Services, the ASP
References: Riordan Manufacturing Plant(2006) by Apollo Group Inc., Retrieved on November 1, 2008 from:https://ecampus.phoenix.edu/secure/aapd/cist/vop/Business/Riordan/RioMfgHome002.htm