Top-Tier Enterprise Information Security Policy

Read Complete Research Material



Top-Tier Enterprise Information Security Policy



Top-Tier Enterprise Information Security Policy

Questions

What are the advantages of having a top-tier Enterprise Information Security Policy (EISP) with sub-policies?

There can be various advantages of integrating a top-tier Enterprise Information Security Policy (EISP) with sub-policies. Policies are easy to access and implemented when they are integrated. Information security policy is required at all levels of organization. On the other hand, it is necessary to obtain information in a consistent and optimized with the rest of the information system (architecture, operating mode). For consistency, it is the possibility to use other data to increase information flow of each (Edwin, 2003). Consistency also includes the possibility of identity interpretation of information by all components of the system makers. For optimization, we must understand that the information is extracted through the process of allocating resources (human / sensors) that are in essence limited. The other advantages Advantage of having a top-tier Enterprise Information Security Policy (EISP) with sub-policies is characterized as the preservation of:

Confidentiality, ensuring that only authorized persons have access to information;

Integrity, ensuring that information and processing methods are accurate and complete;

Availability, ensuring that authorized users has access to information and associated assets when required. Information security is

Achieved by implementing a suitable set of controls such as policies, practices, procedures, organizational structures and software functions. These controls are designed to ensure compliance with the specific safety objectives of the company.

State whether you think Mike's idea to have other top-level policies in the organization reference the EISP and sub-policies is a good one. Explain your answer.

Mike's idea of referencing top level policies with EISP and sub-policies can be a good idea but it is kind of vague. It's all about the execution and impact of policies on other department and policies. The process of binding of multiple policies ...
Related Ads