Security presentation ^0 Guildbook 2 Assignment 2 Andrew Orme version 1 .docx - ASSIGNMENT 2 SECURITY MANAGEMENT STEPHEN CALLAGHAN U10428647


ASSIGNMENT 2 SECURITY MANAGEMENT STEPHEN CALLAGHAN U10428647
Table of Contents

Part One
1. What is Organization Security
1.1 Management your own security organization
1.1.0 Security risk by organization
1.1 Internal system Security
Internal Business Risk factors are
Accidental
Negligent
Disloyalty
1.2 External system Security
External Business Risk factors are
Sniffer on our network
Requirement of your device preventive services
Denial attacks related with your machine service
Mail bombs or distributive mail
2. What is Risk assessment
Discussion about risk assessment procedures
Producer of protecting some of the risk assessment
I recommend to use for preventing our data
Prevention control
Detective Control
Group policy management console
Network configuration management
Purpose of Risk assessment producer
3.1 Freedom of Information Act
There are nine information of exception which is authorizing by the government agencies to withhold information are
3.2 Data Protection Act
The data protection regulation requirements are
3.3 Computer Misuse Act
3.4 ISO 31000 risk management Standard
The ISO 31000 standard principle of performance
The processing of managing risk in ISO 31000 standard
4. Audit log
Types of audits
Product audit
Process audit
System audit
Quality management audit system
The process of audit log
4.2 Advantages of using audit log
5. Summarization of ISO 31000 risk management methodology
5.1 Structure of ISO 31000
5.2 The first section of ISO 31000
5.3 The second section of ISO 31000
5.4 The section is providing from the guidance to implement
5.5 The third section is process of ISO 31000
Responsibilities of employee and stakeholder
For Employees
For Stakeholder
For preventing the internal risk from the employees and stakeholders
Make a training or practice for your employee and stakeholder
Improve your employee and stakeholder

Part Two
1. Security Policy
1.0.1 Integrity
1.02. Confidentiality
1.0.3 Availability
1.2 Designing and implement a security policy
For implementing security policy
1.2.1 Identify your risk
12.2 Learn from other
1.2.3 Include staff in policy development
1.2.4 Train your employee
1.2.5 Set clear penalties and enforce them
1.2.6 Update your staff
1.3 Disaster Recovery Plan
Strategy of recovering plan
The disaster recovery has many simple processes
Disaster recovery planning checklist stages
Types of Disaster recovery plan
1.3.1 Backup Check
1.3.2 Plan for your using devices
1.3.3 Vendor communication and service restoration plan
1.3.4 Cloud disaster recovery plan
1.3.5 Network disaster recovery plan
1.3.6 Data center disaster recovery plan
2. Stakeholder
2.2 Role of stakeholder and their important
Internal stakeholder
Example of internal stakeholder
External stakeholder
Example of external stakeholder
Decision Making role
Role of reducing and uncovering risk
Direct management role
Role of stakeholder to implement the audit recommendation
