Information Security Policy Basics

2017 ◽  
pp. 17-23
Keyword(s):  
Information Security ◽  
Security Policy ◽  
Information Security Policy

INFORMATION SECURITY POLICY OF A HIGHER EDUCATIONALl INSTITUTION

2018 ◽  
pp. 56-64
Author(s):  
Irina A. Rusetskaya ◽  
◽  
Alexander V. Zakharenkov ◽  
Keyword(s):  
Information Security ◽  
Security Policy ◽  
Information Security Policy

Information security policy as an element of cyberspace protection

2021 ◽  
pp. 37-43
Author(s):  
M. M. Taraskin ◽  
S. A. Matyunin ◽  
Yu. I. Kovalenko
Keyword(s):  
Information Security ◽  
Security Policy ◽  
Information Security Policy

scholarly journals Validity of information security policy models

2004 ◽  
Vol 16 (3) ◽  
pp. 263-274 ◽  
Author(s):  
Joshua Onome Imoniana
Keyword(s):  
Information Technology ◽  
Information Security ◽  
Security Policy ◽  
Chief Executive ◽  
Theoretical Models ◽  
Information Security Policy ◽  
Security Officer ◽  
Continuity Planning ◽  
Policy Models ◽  
Inclusive Business

Validity is concerned with establishing evidence for the use of a method to be used with a particular set of population. Thus, when we address the issue of application of security policy models, we are concerned with the implementation of a certain policy, taking into consideration the standards required, through attribution of scores to every item in the research instrument. En today's globalized economic scenarios, the implementation of information security policy, in an information technology environment, is a condition sine qua non for the strategic management process of any organization. Regarding this topic, various studies present evidences that, the responsibility for maintaining a policy rests primarily with the Chief Security Officer. The Chief Security Officer, in doing so, strives to enhance the updating of technologies, in order to meet all-inclusive business continuity planning policies. Therefore, for such policy to be effective, it has to be entirely embraced by the Chief Executive Officer. This study was developed with the purpose of validating specific theoretical models, whose designs were based on literature review, by sampling 10 of the Automobile Industries located in the ABC region of Metropolitan São Paulo City. This sampling was based on the representativeness of such industries, particularly with regards to each one's implementation of information technology in the region. The current study concludes, presenting evidence of the discriminating validity of four key dimensions of the security policy, being such: the Physical Security, the Logical Access Security, the Administrative Security, and the Legal & Environmental Security. On analyzing the Alpha of Crombach structure of these security items, results not only attest that the capacity of those industries to implement security policies is indisputable, but also, the items involved, homogeneously correlate to each other.

scholarly journals NATIONAL INFORMATION SECURITY POLICY IN THE USА AND THE EU

2019 ◽  
Vol 26 ◽  
pp. 201-207
Author(s):  
Yevhenii Taran ◽  
Keyword(s):  
Information Security ◽  
Security Policy ◽  
Information Security Policy ◽  
National Information ◽  
The Eu

scholarly journals Conceptual principles for ensuring effective protection of information in the context of economic security of the enterprise

2020 ◽  
pp. 84-92
Author(s):  
A.V. Pecheniuk
Keyword(s):  
Information Security ◽  
Information And Communication Technologies ◽  
Security Policy ◽  
Criminal Responsibility ◽  
Economic Security ◽  
Information Policy ◽  
Security System ◽  
Theory And Practice ◽  
Confidential Information ◽  
Information Security Policy

The necessity of formation of an effective information security system of the enterprise is substantiated. It is emphasized that when designing an information policy, the firm must comply with the requirements of the current legislation, take into account the level of technical support, especially the regulation of employees' access to confidential information, etc. It is stated that the costs of organizing information security measures should be appropriate to its value. The article identifies major threats that could be breached by confidential information. The list of the main normative legal acts aimed at bringing to civil, administrative and criminal responsibility for illegal collection, disclosure and use of information constituting a trade secret. The main stages of building an information security policy are summarized, the most common types of information threats related to the use of modern computer technologies are described. The necessity of developing a domestic original accounting (management) program that could be used in the long term by the vast majority of Ukrainian enterprises is pointed out. There are three groups of tools that are applied in the theory and practice of information security of the enterprise (active, passive and combined), emphasizing the need for planning and continuous monitoring in real time of all important processes and conditions that affect data security. It is noted that even if the information security system is built taking into account all modern methods and means of protection, it does not guarantee one hundred percent protection of the information resources of the enterprise, but a well-designed information security policy allows to minimize the corresponding risks. Key words: information security, information policy, information security, confidential information, information threats, information and communication technologies, software.

Sign in / Sign up

Export Citation Format

Share Document