Information Systems Security Recommendations


1.0 HISTORY


3.0 SCOPE


4.1 Physical Security: Operation Class; Physical and Environmental Family (ID:PE)

Table 1; Recommended Common Physical and Environmental Controls

4.2 Network Security: Technical Class; ID & Authentication (ID:IA), Access Control (ID:AC), Audit & Accountability (ID:AU) and System & Communications Protection (ID:SC)

Table 2; Recommended Common Network Controls (IA)

Table 3; Recommended Common Network Controls (AC)

Table 4; Recommended Common Network Controls (AU)

Table 5; Recommended Common Network Controls (SC)

4.3 Data Security: Technical Class; Systems and Information Integrity (SI)

Table 6; Recommended Common Network Controls (SI)

4.4 Web Security: Technical Class; Systems and Information Integrity (SI) and System & Communications Protection (ID:SC) (See Tables 5 and 6)


Riordan Manufacturing

Information Systems Security Recommendations

1.0 History:

Riordan Manufacturing is a global plastics manufacturer employing 550 people with projected annual earnings of $46 million. The company is wholly owned by Riordan Industries, a Fortune 1000 enterprise with revenues in excess of $1 billion. Connected via a Wide Area Network (WAN), it maintains facilities in Albany, Georgia; Pontiac, Michigan; and Hang Zhou, China. The company's research and development is done at the corporate headquarters in San Jose, CA. Riordan's major customers are automotive parts manufacturers, aircraft manufacturers, the Department of Defense, beverage makers and bottlers, and appliance manufacturers.

Due to Riordan’s current clientele, issues relating to Information System Security Assurance arose. To ...

... middle of paper ... the implementation of these recommended common security controls, a foundation enabling a secure network environment will be achieved.

