Preview

information systems risk and security

Good Essays
Open Document
Open Document
915 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
information systems risk and security
INFORMATION SECURITY

1. A) Integrity - This is were authorized users can access, delete and modify
Information and they also preserve the consistency of the information.

Privacy - This is the protection of restricted information and identity of a client.

Implementing a security model by using the principles of privacy and integrity helps preserve the information assets of an organization. With integrity this helps to maintain the consistency of the information assets from being altered by unauthorized users. Privacy is where the personal information and identity of a client is handled securely. By personal information I mean by address, name, bank account number, and password and so on. Organizations are strongly required to take such precautions to safeguard the clients personal information they collect, process and store. This is to avoid fraud and identity theft. This also helps in preserving the organizations image to the public.

B) Defense in depth is whereby more than one layer of security is applied throughout a
System. This model helps the organization to prevent security breaches and gives them an amount of time to detect where and when an attack has occurred. If an organization does not have this model to protect their assets their integrity could be destroyed, their systems could get attacked by viruses and cyber terrorism.

C) Mission objective: with the use of information security it will be effective and Achieve maximum security to protect the computer systems Assets of the organization.

Vision objective: the policy standards should be raised so as enforce strong Security so as to protect the clients and make sure their Services are very efficient and that they are getting the right Services. Also make sure the staff understand the policies and Improve their skills and maximise their abilities.

D) High level security approach does increase complexity. These are the factors that


References: Algosec Inc., (2012), Examining the dangers of complexity in network security environments, Algosec Survey Insights, Rosewell GA, USA. http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&cad=rja&ved=0CDMQFjAC&url=http%3A%2F%2Fwww.algosec.com%2Fresources%2Ffiles%2FSpecials%2FSurvey%2520files%2F12_10_11_security_complexity.pdf&ei=MT1FUpfcDYGyrgf67oDIAw&usg=AFQjCNFJnvtM_Tkybfe2sUMTAZfPTufYzA&bvm=bv.53217764,d.bmk
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Powerful Essays

    INDP Final Project
    • 1793 Words
    • 4 Pages

    INDP Final Project

    References: Banathy, A., Panozzo, G., Gordy, A., & Senese, J. (2013, July). A Layered Approach to Network Security. Retrieved from http://www.industrial-ip.org/en/knowledge-center/solutions/security-and-compliance/a-layered-approach-to-network-security…

    • 1793 Words
    • 4 Pages
    Powerful Essays
    Read More
  • Satisfactory Essays

    IS3340 Unit 1 Assessment 1
    • 284 Words
    • 1 Page

    IS3340 Unit 1 Assessment 1

    1) Which of the following is the best description of the defense in depth strategy? B) Using multiple layers of security controls to protect resources.…

    • 284 Words
    • 1 Page
    Satisfactory Essays
    Read More
  • Better Essays

    Unit 219 Nvq L3 Business and Administration
    • 1681 Words
    • 7 Pages

    Unit 219 Nvq L3 Business and Administration

    Any information stored in an organisation has to follow the security and confidentiality procedures. Information security and confidentiality is the process where data is kept away from unauthorised access, disclosure, destruction, use or modification. It applies to both physical and electronic data. All organisations store a large amount of confidential information about their employees, customers, company’s status,…

    • 1681 Words
    • 7 Pages
    Better Essays
    Read More
  • Good Essays

    Unit 219-Store And Retrieve Information
    • 1346 Words
    • 6 Pages

    Unit 219-Store And Retrieve Information

    Explain The Purpose of Legal And Organisational Requirements For The Security And Confidentiality Of Information…

    • 1346 Words
    • 6 Pages
    Good Essays
    Read More
  • Good Essays

    Nt1310 Final Exam
    • 3599 Words
    • 15 Pages

    Nt1310 Final Exam

    a. The concept of defense-in-depth reflects the fact that security involves the use of a few sophisticated technical controls. (Incorrect. The concept of defense-in-depth is based on the idea that, given enough time and resources, any single control, no matter how sophisticated, can be overcome—therefore, the use of redundant, overlapping controls maximizes security.)…

    • 3599 Words
    • 15 Pages
    Good Essays
    Read More
  • Good Essays

    BSA/310
    • 674 Words
    • 3 Pages

    BSA/310

    In business, an information security is a set of policies to protect the companies and small businesses infrastructure, physical, and information technology assets, and to ensure that information technology users within the domain of the companies and small businesses comply with the rules and guidelines related to the security of the information stored digitally at any network within the boundaries of authority. In short, it can protect data from the outside and even inside threat. The data and information, which the companies and small businesses have, are arguably the most important assets. They should ensure the data confidentiality, integrity, availability, non-repudiation, authentication, and authorization. Most small businesses and companies must have information security to ensure their business and information assets. Information security protects data and controls how it should be distributed within or without the businesses boundaries. This means that information should be encrypted and may have restrictions placed on its distribution to the third party. Information security should protect the data from the outside threats such as:…

    • 674 Words
    • 3 Pages
    Good Essays
    Read More
  • Good Essays

    Assignment 2: Business Impact Analysis
    • 349 Words
    • 2 Pages

    Assignment 2: Business Impact Analysis

    To secure the network and ensure a degree of protection from external intrusion, the first step is to ensure it is a private network and each host in the different remote locations is part of the private network; this minimizes the intrusion from public networks. Through the use of firewalls in the central computer network enforces authentication of all users in the network thus minimizing internal and external unauthorised access (Stallings, 2007).…

    • 349 Words
    • 2 Pages
    Good Essays
    Read More
  • Good Essays

    Nvq Business and Administration
    • 501 Words
    • 3 Pages

    Nvq Business and Administration

    The information stored by an organisation must be kept safe and secure at all times. This is to make sure that the organisation satisfies all of the legal requirements relating to the information which it keeps. The organisation has a duty of care to safeguard the information in its possession. This is to protect the security of its customers as well as its staff.…

    • 501 Words
    • 3 Pages
    Good Essays
    Read More
  • Powerful Essays

    Physical Security Clients Assessment
    • 1377 Words
    • 6 Pages

    Physical Security Clients Assessment

    Security is a compelling concern for business and employees. Employers need to establish that they carry out complete risk assessment and address security issues by implementing required security systems. Physical security system is a fundamental component of an establishment, which protects a several aspects such as building security, theft, vandalism and falsification of records. Therefore, organizations and companies need to highly aware of to protect their physical assets. The foundation of a competent security management can prevents such risk like discovering solutions, authorization, and controlling employee’s activities. As a result, organizations can ensure the safety and protection of employees and property.…

    • 1377 Words
    • 6 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    Statistics Lab week 6
    • 3844 Words
    • 14 Pages

    Statistics Lab week 6

    Security Principles 3. Threats, Vulnerabilities, Control Measures and Information Assurance 4. Achieving Information Security: Administrative, Physical, Technical Safeguards Security is achieved by addressing its components: confidentiality, integrity, availability and accountability. 1. Confidentiality is the property that data or information is not made available or disclosed to unauthorized persons or processes.…

    • 3844 Words
    • 14 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    CU701 - Storing and Retrieving information

    • 1448 Words
    • 4 Pages

    CU701 - Storing and Retrieving information

    1.3 Explain the purpose of legal and organisational requirements for the security and confidentiality of information…

    • 1448 Words
    • 4 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    ACCT WINTER 2014 FINAL EXAM 2

    • 2051 Words
    • 9 Pages

    ACCT WINTER 2014 FINAL EXAM 2

    2) ________ refers to the ability to ensure that messages and data are only available to those…

    • 2051 Words
    • 9 Pages
    Powerful Essays
    Read More
  • Better Essays

    APPLYING INFORMATION SECURITY AND SDLC TO BUSINESS
    • 2427 Words
    • 7 Pages

    APPLYING INFORMATION SECURITY AND SDLC TO BUSINESS

    There are several things a manager has to consider when running a business. He or she must ensure that the company does what it needs to meet the needs of the customer, the employees, and protect all personal information. One way is to ensure that there are proper security measures to protect all data by making sure the employees are trained and understand the security protocols. Another way is by using the Systems Development Life Cycle (SDLC) method to help maintain the systems they have or need to conduct business. Businesses that follow the steps in the SDLC method and maintain a good information security system will keep the trust of its customers ensuring it remains profitable.…

    • 2427 Words
    • 7 Pages
    Better Essays
    Read More
  • Satisfactory Essays

    209
    • 584 Words
    • 2 Pages

    209

    It is very important to keep information secure and private that individuals and staffs private information will stay protected from unauthorised viewing. It is their right to to have their private information to be protected. It is important to protect information to avoid indentity theft. As well as to keep service users trust between services and service users. To gain their trust, they have to know that their private information is safe and protected and can`t be used against them or seen by someone who has no permission to see it. Without all these things services can`t have confidentiality and trust from service users and their services wouldn`t have any users as people wouldn`t be able to feel safe and protected and would leave them feeling vulnarable as their information could be accessed by anyone.…

    • 584 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    Information Technology
    • 277 Words
    • 1 Page

    Information Technology

    Information technology has become spreading widely throughout our society. We live in a modern world with Internet access from our home, fast food chains, offices, schools and on our mobile devices, such as iPhones, iPods, Blackberries and Android Phones. Nowadays, the use of internet became essential to communicate distantly and the use of social medias for interactions as well as businesses through online marketing or other called as the e-commerce. The rapid advancement of this system has elevated the importance of the IT function. Information technology in the modern enterprise has developed gradually from a back-office component to a most important operational constituent that could improve businesses performances and increases shareholders value. Enterprises such as marketing, sales and finance are now cooperated by information technology. The core success of an organization is information technology because it serves daily operational support and enables enterprise wide change. Since information technology is essential in a modern enterprise it is sometimes serve as a threat in today’s organization. One of the examples is the personal information which can be sending through the use of systems and it can be a threat if this information consolidated from banks and accounts pertaining to financial aspects. In these cases, applying triad could be helpful that is Confidentiality, Integrity and Availability. The protection of the information from disclosure to unauthorized users is confidentiality while integrity refers to protecting information from being modified by unauthorized users. Ensuring that authorized users are able to access the information when needed is availability.…

    • 277 Words
    • 1 Page
    Satisfactory Essays
    Read More

Related Topics