Info security legal issues discussion

User Generated

QVNZBAQPW

Computer Science

Description

1. "Policies, Standards, Procedures, and Guidelines" Please respond to the following:

This week you studied policies, standards, procedures and guidelines. If you were the project leader at a small company being spun off from a larger company, how would you tackle the task of adapting your company’s policies regarding information security? What are some of your greatest concerns? What rules are you likely to keep and which won’t really apply? Remember to keep a balance. You don’t want the employees to be so locked down by rules that they can’t efficiently do their jobs.

2. "Risk Assessment and Incident Response Teams" Please respond to the following:

Your medium-sized company has recently expanded funding for the IT department and is adding dedicated specialists to “Risk Assessment” and “Incident Response” teams. You’re helping with the organization of the new structure. What kind of certifications and education are you going to be looking for when assigning existing team members and new hires to these teams? How are you going to describe their jobs to them? Should these teams work together, or be independent of one another? Why? What should be the first projects each should undertake in your opinion, based on this week’s study?

3. "Computer Forensics Process" Please respond to the following:

The computer forensics investigative process includes five steps: Identification, Preservation, Collection, Examination, and Presentation. When a breach has occurred in a medium to large-sized company, cybersecurity experts, and sometimes forensics specialists will investigate using this process. In a small company, it’s likely that the IT staff will have multiple roles, but what do you think about the larger companies? Should the experts who do penetration testing or maintain the security defenses be involved in the forensics investigation after a breach? What are some pros and cons you can see in having a lot of people examining the breach?

User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Attached.

Running Head: COMPUTER INFORMATION SECURITY

Computer Information Security
Name
Institution
Course
Date

1

Running Head: COMPUTER INFORMATION SECURITY

2

1. "Policies, Standards, Procedures, and Guidelines”
I would tackle the task of adapting my company’s policies regarding information
security by describing how the organization would want its information assets protected from
external interference (Peltier, 2014). Out of these policies, guidelines and standards will be
developed to provide the applicable rules guiding the policy implementation.
During the process of adapting my company’s policies regarding information security,
some of your greatest concerns would be a selection of the most appropriate method of
developing the policies that would safeguard the interest of customers and their loyalty to the
company. Identifying the key processes and systems that are of fundamental benefit to the
company is also a major concern in this process (Peltier, 2014). Of great significance is to
consider all possible ways of regulating the policy for the benefit of the company and its
customers.

Among the rules that I am likely to keep during this adaptation process include the user
and physical control policies and access...


Anonymous
Great study resource, helped me a lot.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Related Tags