Description
Identify, define, and describe the three or four most important elements of an Information Security Plan. Be sure to identify and support why your selected elements are the most important.
The paper should follow APA format and contain 4-5 pages of content, not count title page and reference page. Need 5 peer reviewed references in reference page.
*Introduction, Conclusion, and subheadings are mandatory
*No Plagiarism
*APA
Explanation & Answer
hey there, the final paper has so far been uploaded.
Running head: INFORMATION SECURITY RESEARCH PAPER
Information Security Planning Research Paper
Name
Course
Instructor
Date Due
1
INFORMATION SECURITY RESEARCH PAPER
2
Information Security Planning
In the contemporary plan, information has undoubtedly grown to become a very valuable
asset to any person whether individually or as an organization. This has undeniably made it
become something that needs to be diligently safeguarded by all means, especially among
business establishments. As such, this means that the information security plan significance has
already become inevitable (Anderson, Reimers & Barretto, 2014). This has also made
information security planning to be highly heightened meaning that more vigilance has been
directed into the protection of information systems of organizations and individuals as well as
data or information from unauthorized access, use, disclosure, disruption, modification, and
destruction. According to Kiountouzis and Kokolakis (2014), information security plan is a
process that constitutes the definition of the security controls with an aim of protecting the
information assets. Thus, an information security plan must be developed in a strategic manner in
order to enable an organization towards effectively mitigation, acceptance, and transfer or
avoidance of information risks (Peltier, 2002; Schlienger & Teufel, 2003).
Core Information Security plan Elements
In information security plan the three most important elements and principles are
confidentiality, integrity, and availability. Based on the three elements they constitute what is
often referred to as the CIA Triad, which is definitely forming the fundamental objective as well
INFORMATION SECURITY RESEARCH PAPER
3
as the goal of any information security planning program or system (Peltier, 2002; Schlienger &
Teufel, 2003). This triad forms the model designed as a guideline to policies formulated to
ensure within an organization information security is assured (Anderson, Reimers & Barretto,
2014; Kiountouzis & Kokolakis, 2014). According to Allen (2001), the emphasis of this model
is to ensure that unauthorized intrusion is avoided to prevent of access of an organization’s
information both private and confidential. As a result, these three important elements of an
information security plan are defined and described in the subheadings that follow:
Confidentiality
According to Anderson et al, (2014), the definition of confidentiality in any information
security plan is a set of rules limiting access to information. As a result, confidentiality can be
can be construed to mean or equated to privacy (Stewart, 2012). Therefore, measures that an
organization takes in order to ensure confidentiality of information have a sole aim of preventing
wrong people from any chance of reaching sensitive information, and this subsequently ensures
that there is a stringent control to only allow that the right or authorized people have access to
such information with ease. In order to achieve this, there needs to make sure that restricted
access of such information is only exempted to authorized users.
However, in as much authorized users have privilege access it is imperative for the
grouping or categorization of such data with regards of ...