Management Of Information Security
6th Edition
ISBN: 9781337405713
Author: WHITMAN, Michael.
Publisher: Cengage Learning,
expand_more
expand_more
format_list_bulleted
Question
Chapter 9, Problem 1RQ
Program Plan Intro
Information security is the protection of information in the organization; it helps to manage data access, web-browsing behaviors, passwords usage and encryption, email attachments, and so on.
- It is designed to provide structure in the workplace, create a productive and effective work place.
- It is free from unnecessary distractions.
Expert Solution & Answer
Explanation of Solution
Review of job descriptions:
If an organization undertakes an InfoSec-driven review of job description, all employee’s job description and subsequent performance are reviewed to make the whole organization proceeds InfoSec further serious.
- The employee job descriptions are recruiting, hiring, firing, managing and releasing human resources.
IT jobs not directly associated:
IT jobs which is not directly associated with InfoSec should be reviewed are auditing, HR(Human Resources), and purchasing jobs.
Want to see more full solutions like this?
Subscribe now to access step-by-step solutions to millions of textbook problems written by subject matter experts!
Students have asked these similar questions
Question
Design a case study involving a hypothetical cybersecurity
scenario by using this outline
1. The various types of stakeholders potentially affected by the case, and the differentstakes/interests they have in the outcome.2. The different types of cybersecurity professionals or practitioners that might be involved in a case like this, and their specific responsibilities.3. The potential benefits and risks of harm that could be created by effective or ineffective cybersecurity practices in the case, including ‘downstream’ impacts.
4. The ethical challenges most relevant to this case
5. The ethical obligations to the public that such a case might entail for the cybersecurity professionals involved.6. Any potential in the case for disparate impacts on others, and how those impacts might affect the lives of different stakeholders7. The ethical best-case scenario (the best outcome for others that the cybersecurity practitioners involved could hope to secure from their practice)…
In an information security incident response plan, what are a company's procedures for sharing
in formation?
Chain Link Consulting is an information technology consulting company that focuses on system security concerns. When the company's president asks you to assist her with the preparation of a presentation for a group of potential clients at a trade show meeting next month, you say "yes." First and foremost, she would like you to examine system security concerns in light of all six security levels. Afterwards, she wants you to come up with a list of methods that Chain Link might evaluate a client's security procedures in order to obtain an accurate evaluation of their level of exposure.It was her way of making the situation more intriguing by saying that it was fine to be imaginative in your ideas, but that you should avoid proposing anything that would be unlawful or immoral. Example: It might be OK to pretend as a job candidate with phony references to see whether they were being reviewed, but it would be inappropriate to steal a lock and access the computer room to check on things.Your…
Chapter 9 Solutions
Management Of Information Security
Ch. 9 - Prob. 1RQCh. 9 - Prob. 2RQCh. 9 - Prob. 3RQCh. 9 - Prob. 4RQCh. 9 - Prob. 5RQCh. 9 - Prob. 6RQCh. 9 - Prob. 7RQCh. 9 - Prob. 8RQCh. 9 - Prob. 9RQCh. 9 - Prob. 10RQ
Ch. 9 - Prob. 11RQCh. 9 - What is a performance target, and how is it used...Ch. 9 - List and describe the fields found in a properly...Ch. 9 - Prob. 14RQCh. 9 - Prob. 15RQCh. 9 - Prob. 16RQCh. 9 - Prob. 17RQCh. 9 - Prob. 18RQCh. 9 - Prob. 19RQCh. 9 - Prob. 20RQCh. 9 - Prob. 1ECh. 9 - Prob. 3ECh. 9 - Prob. 4ECh. 9 - Prob. 1DQCh. 9 - Prob. 2DQCh. 9 - Prob. 1EDMCh. 9 - Prob. 2EDMCh. 9 - Prob. 3EDM
Knowledge Booster
Similar questions
- What are the tactics and goals of an information security incident plan designed to protect against an increase in theft and security incidents?arrow_forwardWhat kinds of aims and techniques should an information security incident plan include in order to guard against a rise in the number of thefts and security incidents?arrow_forwardCISOs are tasked with creating a strategy for a company's information security program. What are the most significant aspects of a security program in your opinion?arrow_forward
- when an orginization undertakes an infosec-driven review of job descriptions, which job descriptions must be reviewed? Which IT jobs not directly associated with information security should be reviewed? 1 page double spaced pleasearrow_forwardThe information security plan of an organization serves as a project strategy, but how is this accomplished?arrow_forwardA project plan is a company's information security blueprint, but how does this occur?arrow_forward
arrow_back_ios
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage LearningPrinciples of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
- Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781285867168Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning