Essay on Information Security Program And Its Sustainability

Essay on Information Security Program And Its Sustainability

Length: 736 words (2.1 double-spaced pages)

Rating: Better Essays

Open Document

Essay Preview

The fourth phase of the Information security program is the Sustain phase. In this phase we are making sure to keep the network, computer systems, applications, and environment up and running in a secure and protected manner. This includes making sure that implemented controls are continuing to work properly, continue to do vulnerability assessments, and continue to do education and awareness. The price of security is the eternal vigilance, since the security is the ongoing thing, rather than one event only. There are also certain challenges when dealing with the information security program and its sustainability. The environment is constantly changing (systems, people, the way we do business, processes), threats are constantly evolving, funding for the security can change (for better or worse), organizational culture can change in regard to information security, and the variety of the audience that we have to deal (executives, management, technical, non-technical). Because of these challenges organization needs to avoid being overconfident about their implemented information security program, since if believe too much in it without proper adjustment over time it may become necessary to begin this cycle again.
We can adopt Security Management Model to help us manage and sustain the Information security program. There are several management models that can be adopted to the organizational needs in order to take a systematic approach to managing security operations. Some of those models are: ISO network management model, and The maintenance model.
ISO model is the five-layer approach provides guidance to the network and system administration and management. These layers of ISO model addresses management and operation thorough fiv...


... middle of paper ...


... Finally, readiness and review’s primary goal is to keep information security program functioning as designed and continuously improving. This is accomplished by policy review, program review, rehearsals.
Sustaining Information security program as said before is a process that never stops. In order to be successful there are certain best practices that need to be implemented. Review Business Continuity and Disaster Recovery plans twice a year, and test them once a year, provide consistent security awareness training, Further educate security staff, review policies and procedures at least once a year, examine physical security regularly, review copyright and privacy policy once a year, validate hardware inventory once a year, check external security information sources quarterly, analyze department’s accomplishments and shortcomings when planning for the next year.


Need Writing Help?

Get feedback on grammar, clarity, concision and logic instantly.

Check your paper »

Health Information Exchange Essay

- An HIE (health information exchange) allows medical professionals at multiple levels access and share medical information electronically, and within the confines of HIPAA privacy laws. HIE is meant to improve efficiency, speed, quality, and cost of patient care. It is thought by some in the industry that HIE is not able to address recurring challenges associated with rapid technological advancements. The initiative for HIE is being driven by meaningful use requirements, coordination needs for new payment approaches, and federal financial incentives....   [tags: electronic medical information, HIPAA laws]

Better Essays
1222 words (3.5 pages)

The Future Financial Status of the Social Security Program Essay

- Stephen C. Goss has extensively written about the future financial status of the social security program for the Americans and for the whole world at large. He patently articulates that changes enacted in 1983 on Social Security are expected to bring dynamic revolution, such that the benefits and other compensations would be paid in full and on a timely basis until 2037. In 2037, trust fund reserves are expected to be virtually exhausted. After the reserves are used, continuing taxes will be vastly relied upon to pay 76% of the benefits....   [tags: retirement scheme model]

Better Essays
974 words (2.8 pages)

Information Systems And Operations Management Essay

- Definition and History Information Systems and Operations Management(ISOM) is mixture of business related sections of Informational Technology and the operational/management side of businesses. According to the George Mason University School of Business page ISOM is used to teach students how to design, improve, and how to manage business processes. One side of ISOM is Information Systems, which is the gathering and transmission of data. Meanwhile operations management deals with the design and the ability to control production processes and the establishment of business operation structures....   [tags: Management, Operations management]

Better Essays
1559 words (4.5 pages)

Essay on The Issue Of Information Security Programs

- As relates to the Issue of Information Security programs, the Department of Health and Human Sciences has formulated various different policies aimed at governing information handling and security as concerns all the departments’ resources. Common in the list of policies are the Policy on Information and Technology security for Remote Access which was established to ensure the information and technology departments resources are appropriately protected during the authorization of remote accessibility to the automated information and system of the department of human and health services....   [tags: Information security, Security, Confidentiality]

Better Essays
1094 words (3.1 pages)

Security Programs And The Security Program Essay

- The implementation phases seen in figure instead represented a flow of activities in the security program. The security program cycle involves in establishing information security requirements, taming the employee to know their responsibility by the requirements, built the authority structures to ensure Program compliance, and monitor and reporting of growth. This cycle helps in implementing the security program[3]. 4.1 Intentional Goals for Security Program Implementation The goals for security program implementation are as follows Goal 1: Approve, Develop, and Promote of security Collaboration with many organizations will lead to approve, develop and promote the security policies of i...   [tags: Security, Information security, Computer security]

Better Essays
2015 words (5.8 pages)

The Global Security Policy Should Be The Foundation Of Its Information Security Program

- The Global Security Policy Webster characterizes "policy" as a "high-level overall plan embracing the general goals and acceptable procedures". It is, for the most part recognized that an organization 's information security policy should be the foundation of its information security program. Particularly in case of global organizations, the necessity for sensible policies and the issues intrinsic in their creation them are exceptionally critical. This paper acts as a dialog of probably the most widespread data security strategy-related matters that are familiar to global organizations and offer some approaches to dealing with them....   [tags: Security, Information security, Computer security]

Better Essays
1215 words (3.5 pages)

Developing Security Programs : Security Program Essay

- Not only Ashley Madison, but most of the high profile companies reported data breach in recent years. For instance, in March, health care insurance provider Premera Blue Cross reported the hack which had compromised 11 million customer details including financial information such as bank account. Even in the case of Ashley Madison the motivation was different but eventually data, credit card information was compromised. After reviewing the case of Ashley Madison, Here are some of the recommendations gathered from online and text book....   [tags: Computer security, Information security, Security]

Better Essays
723 words (2.1 pages)

The Agency 's Strategic Objectives Essay

- The agency’s strategic objectives to achieve appropriate balance in organizational needs Law enforcement response to ongoing incidents takes precedence, but must be balanced with physical security requirements to maintain Inter Agency Security Committee (ISC) established criteria for the security of each facility. This can obviously be a challenge due to the relatively small size of the agency. Balancing daily operations with critical missions can be a daunting task. Preparation and proactive measures maintain operational readiness for deployable events while maintaining adequate coverage at assigned duty stations....   [tags: Security, Security guard, Police]

Better Essays
962 words (2.7 pages)

Essay about Information Security And Information Technology

- Information security refers to all of the approaches and policies designed to protect a corporation’s information and facts machine from unauthorized access, use, disclosure, disruption modification, or destruction. it 's a standard term that may be used regardless of the shape the data might also take. As for information protection, people typically divided it into two components, which are the IT safety and facts assurance. Sometimes referred as computer security, information technology security has been information security applied to technology, which most often some form of computer system....   [tags: Computer, Computer security, Information security]

Better Essays
983 words (2.8 pages)

Information Security : A Comprehensive Security Framework Essay

- Institutions of higher learning are increasingly using Information and Communication systems in administration, teaching, learning and research. This infrastructure needs to be available, secure and well protected. It therefore becomes crucial for information security practitioners in public universities to implement effective information security programs. Information security focuses on technological issues and important elements of an organization such as people, process, business strategies etc., which also mandates the need for information security....   [tags: Information security, Security, Computer security]

Better Essays
1097 words (3.1 pages)