Running Head: IT SECURITY POLICY FRAMEWORK 1 IT Security Policy Framework Your Name University Name Course Number Course Name Date
IT SECURITY POLICY FRAMEWORK 2 Introduction IT Security Policy Framework will be used as a draft of the medium-sized insurance organization network system. The essence of the IT Security Policy Framework will broadly investigate five distinct risks. These risks are as Financial Risk, Strategic Risks, Compliance Risks, Operational Risks, and other types of Risks. COSO (Committee of Sponsoring Organizations of the Treadway Commission) Framework will be used as IT Security Policy Framework for Insurance Organization. This framework starts an interspersed process of internal controls. It supports the better ways of managing organization by assessing the efficient use of internal controls. This framework includes five parts: 1. Control Environment: This environment comprising factors related to the integrity of people, management and control authority and duties inside the organization. 2. Risk Assessment: This points to recognize and estimate the risks to the organization; 3. Control Activities: This part includes the ideas and strategies for the organization; 4. Communication and Information: This part containing the communication channels and the identification of significant information to the business for passing control activities from administrators to staff; 5. Monitoring: This part includes the process which is used to watch and evaluate the state of all internal control methods over time to time. The main purpose for establishing compliance of IT security controls with U.S. laws and regulations are Operations, Reporting, and Compliance with group entities. The main reason of operations objectives is to make ensure that jobs and goals accomplished successfully.
You've reached the end of your free preview.
Want to read all 6 pages?
- Spring '16
- Information Security, IT Security Policy Framework, security policy, Committee of Sponsoring Organizations of the Treadway Commission, security policy framework