This website uses cookies to ensure you have the best experience. Learn more

Information Security Essay

253 words - 2 pages

1. (Whitman & Mattord, 2011, p. 114) What is the difference between law and ethics?

The difference between law and ethics is that law is a set of rules and regulations that are universal and should be accepted and followed by society and organizations. Ethics refers to the beliefs and customs that help shape the character of individuals and how people interact with one another
2. ...view middle of the document...

Is the data confidential, or will it be accessed by anyone? Will it be protected from others? Can you expect reasonably that your personal/confidential information will be protected?

3. (Whitman & Mattord, 2011, p. 114) How does the Sarbanes-Oxley Act of 2002 affect
information security managers?

4. (Whitman & Mattord, 2011, p. 114) How is due diligence different from due care? Why are both important?
When organizations adopt levels of security for a legal defense, they may need to show that they have done what any prudent organization would do in similar circumstances. This is referred to as a standard of due care.
Due diligence is the demonstration that the organization is diligent in ensuring that the implemented standards continue to provide the required level of protection.

5. (Whitman & Mattord, 2011, p. 114) What is a policy? How is it different from a law?

6. (Whitman & Mattord, 2011, p. 114) What is the best method for preventing an illegal or
unethical activity?

Other assignments on Information Security

Ethical Issues Arising From The Intersection Of Law, Compliance & Investigations

417 words - 2 pages There are several ethical issues that arise in information security. The security is one of most issue of concern for every business organization. Ethics is a term which is used to distinguish between right or wrong things. Ethical issues in computer security includes cybercrimes, computer hacking and information warfare. In an Internet world, many banking organizations are attacked by attackers and millions of credit card details stolen every

Understanding Nist 800‐37  Fisma Requirements  Essay

2451 words - 10 pages .  2        Overview  The Federal Information Security Management Act of 2002 ("FISMA", 44 U.S.C. §  3541, et seq.) is a United States federal law enacted in 2002 as Title III of the E‐ Government Act of 2002 (Pub.L. 107‐347, 116 Stat. 2899). The Act is meant to  bolster computer and network security within the Federal Government and  affiliated parties (such as government contractors) by mandating information  security controls and

Security Policy

304 words - 2 pages Riordan Manufacturing Security Policy Smith Systems Consulting has been hired to evaluate and consult on the creation of a new information technology security policy to span the complete enterprise infrastructure. This document will serve as a recommendation for Riordan Manufacturing as it pertains to the enterprise wide information security strategy. Riordan Manufacturing currently has three locations within the United States and one

The Internet

989 words - 4 pages Theresa Jn. Baptiste - St. Lucia Managing Information Technology Security isn’t simply a technology issue, it’s a business issue. Discuss In any given organization information technology generally refers to laptop and desktop computers, servers, routers, and switches that form a computer network, although information technology also includes fax machines, phone and voice mail systems, cellular phones, and other electronic systems. A


315 words - 2 pages 1) Information security is specific to securing information systems security of the systems that house the information? True 2) Software manufacturers limit their liability when selling software using which of the following? A. End user licensing agreements. (EULA) 3) The ______ tenet of information systems security is concerned with the recovery time objective. 4) Encrypting data on storage devices or hard drives is a main

Secutiry Threats

452 words - 2 pages Security Threats Computer security is no longer just an organization’s concern but everyone’s who uses their computer to access the internet. Anyone who uses their personal computer to access the internet faces potential security threat. This document will identify all the potential security threats on a personal computer and some techniques an attacker might employ to access information on the file system. Security threats can be broadly

Cyber Security In Business

1513 words - 7 pages Cyber Security in Business Organizations Robin P. McCollin CIS 500 Information Systems – Decision Making Constance Blanson Fall 2014 The terms information security, computer security, and cyber security are all terms that are sometimes used interchangeably. To better understand the similarities and differences between the terms, one must first understand what exactly is being secured. For example, Information security is generally

Jimmer Paper

624 words - 3 pages will cost less than to maintain internally. My managers, nor myself have the revenue adequate enough to gain the knowledge or manage the ERM system internally. For this reason I have chose Symantec Partners to oursource our security towards. A second reason, and one for hiring Symantec Partners, is that experience (in addition to low-costs) is essential to mainitain a secure internal information system. With experience, Symantec can provide us

Security Awareness

2691 words - 11 pages Information Security - Security Awareness Abstract: 3 Security Awareness 4 Regulatory Requirements for Awareness and Training 7 References 13 Abstract: Information security means protecting information and information systems (IS) from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. A policy can be described as a set of principles intended to manage

Risk Management

421 words - 2 pages This paper covers the basics of IT risk assessment. To learn more about this topic we recommend taking the SANS SEC410 IT Security Audit and Control Essentials course, available both online and via live classroom training. 2 Introduction The fundamental precept of information security is to support the mission of the organization. All organizations are exposed to uncertainties, some of which impact the organization in a negative


1066 words - 5 pages sense of worth and hence higher productivity. Relevance of security programs One of the biggest risks to an organization’s information security is often not a weakness in the technology control environment. Rather it is the action or inaction by employees and other personnel that can lead to security incidents; for example, (i) through disclosure of information that could be used in a social engineering attack, (ii) not reporting observed

Similar Documents

Principles Of Information Security Essay

953 words - 4 pages Every organization is different in the way that it communicates internally and with its vendors and customers and in the kinds of information that it sends over the Internet. Practicing strong computer security is a nonnegotiable requirement for organizations doing business today. However, building security into an existing corporate culture is a complex undertaking. Every organization has a security culture, and each is as unique as the

Information Security Policy Essay

4226 words - 17 pages Axia College Material Appendix B Information Security Policy Student Name: Brice Washington Axia College IT/244 Intro to IT Security Instructor’s Name: Professor Smith Date: 11/7/2011 Table of Contents 1. Executive Summary 1 2. Introduction 1 3. Disaster Recovery Plan 1 3.1. Key elements of the Disaster Recovery Plan 1 3.2. Disaster Recovery Test Plan 1 4. Physical Security Policy

Information Systems Security Essay

3283 words - 14 pages Information Systems Security Strayer University CIS 333 June 18, 2014 David Bevin Information Systems Security The scope of our assignment as an information officer at Whale Pharmaceuticals is to safeguardour daily operations which require a combination of both physical and logical access controls to protect medication and funds maintained on the premises and personally identifiable information and protected health information of our

Information Systems Security Essay

286 words - 2 pages Colten Ruff 4/24/13 Information Systems Security Unit 4 assignment 1- Enhance an Existing IT Security Policy Framework 1.0 Purpose The purpose of this policy is to define standards for connecting to Richman Investment's network from any host. These standards are designed to minimize the potential exposure to Richman Investment from damages which may result from unauthorized use of Richman Investment resources. Damages include the loss