LD7087 – Information Governance and Cyber Security Assignment Sample 2023
1.0 Introduction
“Information security Policies” can be explained as the set of policies, procedures and rules that is designed to secure networks as well as end users inside an organization to meet requirements for “data protection security” including IT security. ISPs address all systems, authorized users, data, facilities, infrastructure, programs, fourth parties as well as third parties of various organizations. There are three different types of ISP which depend on the purpose as well as the scope of ISP. The three types are organizational ISP, Issue-specific ISP and system-specific ISP. The three main components in which the ISP is made up are availability, Confidentiality, and integrity. Each and every parameter represents the primary objective of ISP. The various examples of the ISP are “acceptable use policy” (AUP), “Data breach response policy”, plan for disaster recovery, policy for remote access, plan for business continuity as well as policy for access control. The importance of the ISP is it can protect the sensitive data, intellectual property as well as “personally identifiable information (PII)” to the higher standards as compared to the other data. ISP is very significant to the each and every level of security within an organization.
The framework of Information security contains purpose, data classification, duties, rights as well as the responsibilities of personnel’s, data operation and data support, audiences, security behavior as well as security awareness, objectives of information security.
2.0 Purpose
An “information security policy” focuses on protection as well as it can control the distribution of the data to authorized access only. Organizations make ISP for establishing primary methods of information security. It is used to detect and reduce the effect of the compromised information resources like mobile devices, data misuse, computer and its application as well as networks. It can document the security measures as well as it can access the policies of user control. Apart from that it can defend the reputation of an organization (Rosén, and Raube, 2018.). It can control the access to the “key information technology assets” to the person who has the permission to use it. It can protect the various data of consumers like identification no of consumer as well as number of credit cards. It can comply with the regulatory requirements along with the legal requirements like FERPA, GDPR, NIST and HIPAA. Apart from that it is very beneficial to provide the effective mechanism for the response of the queries as well as the complaints which are related to the perceived or the real risks of cyber security like malware, ransomware and phishing. It can explain the audience who applies the ISP. These are the purposes of ISP.
3.0 Scope
These policies can be applied to everyone such as students, employees of an organization, visitors, volunteers, staff, researchers, contractors, as well as for the employees of the affiliated entity. This policy can cover the “web application security assessment” that will be operated by the security personnel of an organization. These are the scope of ISP.
Reference
Haastrup, T., Wright, K.A. and Guerrina, R., 2019. Bringing gender in? EU foreign and security policy after Brexit. Politics and Governance, 7(3), pp.62-71.
Rosén, G. and Raube, K., 2018. Influence beyond formal powers: The parliamentarisation of European Union security policy. The British journal of politics and international relations, 20(1), pp.69-83.
Sadrania, H., 2021. Evaluation of the role of the National Security Council in the Structure of the National Security Governance of the Islamic Republic of Iran.
Know more about UniqueSubmission’s other writing services:
