Description
Critical Thinking: Critical Thinking: System Security Goals (60 points)
Assignment Details:
In an essay, answer the following questions based on this week’s module:
- How do you know if your system is meeting your security goals?
- You can verify that controls are working, but how do you know if they are getting the job done?
- What auditing practices or procedures would you implement for your organization? Why?
Deliverables:
Provide information from your readings to support your statements. Your well-written essay should be 4-5 pages in length, incorporating at least two academic resources from the Library in addition to the case study. Cite all sources using Saudi Electronic University academic writing standards and APA style guidelines found in the Library, citing references as appropriate.
Assignment Details:
In an essay, answer the following questions based on this week’s module:
- How do you know if your system is meeting your security goals?
- You can verify that controls are working, but how do you know if they are getting the job done?
- What auditing practices or procedures would you implement for your organization? Why?
Deliverables:
Provide information from your readings to support your statements. Your well-written essay should be 4-5 pages in length, incorporating at least two academic resources from the Library in addition to the case study. Cite all sources using Saudi Electronic University academic writing standards and APA style guidelines found in the Library, citing references as appropriate.
Explanation & Answer
Attached.
Running head: CRITICAL THINKING: SYSTEM SECURITY GOALS
Critical Thinking: System Security Goals
Name
Institution
1
CRITICAL THINKING: SYSTEM SECURITY GOALS
2
Critical Thinking: System Security Goals
Introduction
The information systems infrastructure of organizations has become main drivers of
business growth in the past decades and targets for individuals and groups with the malicious
intents such as the desire to gain unauthorized access or cause disruption of services. It is the
premises that contributed to the decision of the management of these organizations to develop
security policies and enforce protocols that ensure the communication between devices including
hardware and software is secured at all times. While the field of information security continues
to evolve regarding the threats and mitigation measures for tackling them, it is imperative for
experts and users to understand the standards for measuring the attainment of the security goals
of the company. Confidentiality, integrity, and availability are the three elements of the
information security triad that can be used for the evaluation of the attainment security goals of a
company or otherwise. Also, the measurement would highlight the efficiency of security controls
and the type of auditing practices that can be used by an organization to protect its information
assets against unauthorized access.
How do you know if your system is meeting your security goals?
Vacca (2012) wrote that the information security triad is the fundamental standard for
measuring the effectiveness or otherwise of the systems, processes, and procedures that are used
for protecting the information assets of any organization. They further added that the capacity of
the controls and protocols to protect the confidentiality of data, preserve its integrity, and ensure
its availability to authorized users is the guiding principle for the creation and implementation of
the governance models that are used for the protection of the assets. One of the approaches for
CRITICAL THINKING: SYSTEM SECURITY GOALS
3
uti...
Review
Review
Europe(Continental)