Policy, Information Security Policy, Procedures, Guidelines |My homework helper

Posted: January 29th, 2023

You are the CISO of your company. Your primary responsibility is assessment, management, and implementation of InfoSec in your organization. Your organization has set up new servers to hold the personally identifiable information (PII) of the clients in your company. The CIO of your organization is advising you for strategic security assessment, management, and implementation using the CNSS security model.

I have uploaded some documents with respect to InfoSec procedures, policies, and guidelines. Consider the definition of Information Security with respect to the CNSS security model. Focus on C.I.A triad. What technologies and InfoSec procedures you would choose, and how would you consider management and implementation of security measures with respect to InfoSec? This is in relation to Storage, Processing, and Transmission considering incorporation of Policies, Education, and Technologies.

 

SOLUTION

A policy is a statement of intent that guides decisions and actions towards achieving specific goals or objectives. An information security policy is a set of rules and guidelines that aim to protect the confidentiality, integrity, and availability of sensitive information within an organization.

Procedures are specific instructions that explain how to carry out a policy or task. Guidelines are recommendations or suggestions for best practices in a particular area. Together, policies, procedures, and guidelines form the framework for an organization’s information security program.

Expert paper writers are just a few clicks away

Place an order in 3 easy steps. Takes less than 5 mins.

Calculate the price of your order

You will get a personal manager and a discount.
We'll send you the first draft for approval by at
Total price:
$0.00