Preview

City of Chicago Information Security Policy

Powerful Essays
Open Document
Open Document
2909 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
City of Chicago Information Security Policy
Critique of current Chicago information security policy
Enterprise Information Security Policy (EISP)
Areas similar to standards discussed Overview of the corporate philosophy on security Documents the Introduction and Purpose of the Information security policy of Chicago It provides a reasonable framework that helps the reader to understand the intent of the document
Overview  The City of Chicago (City) intends to manage its information technology and information assets to maximize their efficient, effective, and secure use in support of the City‘s business and its constituents.  This document, the Information Security Policy (Policy), defines the governing principles for the secure operation and management of the information technology used, administered, and/or maintained by the City and for the protection of the City‘s information assets. Violations of the City‘s Information Security Policy must be reported to Department Management or the Department of Innovation and Technology‘s (DoIT) Chief Information Officer.



Purpose



To define the responsibilities of the City‘s officers, employees, agents, departments, commissions, boards, offices, and agencies with respect to appropriate use and protection of the City‘s information assets and technology. To ensure that the City‘s information assets and technology are secure from unauthorized access, misuse, degradation, or destruction.



Information Security Organization Provides information on the structure of the information security organization and individuals that fulfill the information security role Scope  This Information Security Policy applies to the City of Chicago, its departments, commissions, boards, offices, and agencies, and all officers, employees, temporary employees, interns, vendors, consultants, contractors and agents thereof--collectively referred to as ―User(s)‖. The principles set forth in this Policy are applicable to all information technology and assets, in all

You May Also Find These Documents Helpful

  • Better Essays

    Whitman, M., & Mattord, H. (2004). Information Security Policy. In Management of information security(Fourth ed., p. 154). Boston, Mass.: Thomson Course…

    • 2101 Words
    • 8 Pages
    Better Essays
  • Satisfactory Essays

    IT255 Project 1

    • 663 Words
    • 2 Pages

    At Richman Investments the personnel is accountable for the appropriate use of IT assets. Therefore, it is in the best interest of the organization to ensure employees handle security procedures with integrity. It is essential to create a strong AUP (Acceptable Use Policy) procedure and as part of the process, require employees sign an agreement to guarantee they understand and conform to implemented rules and regulations. In addition, the company will conduct security awareness training, annual security exercises, notices about securing information, and constant reminders security is everyone’s responsibility.…

    • 663 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    Swanson, M. (2006, February). Guide for Developing Security Plans for Federal Information Systems. Retrieved from http://csrc.nist.gov/publications/nistpubs/800-18-Rev1/sp800-18-Rev1-final.pdf…

    • 4134 Words
    • 12 Pages
    Better Essays
  • Good Essays

    This report gives a brief description the general security solutions planned for the safety of data and information that belongs to the organization. The outline will provide elements of a multi-layered security plan, and will indicate a general security solution for each of the seven domains of a typical IT infrastructure. Also I will describe a layer of security for each of the seven domains.…

    • 801 Words
    • 4 Pages
    Good Essays
  • Powerful Essays

    IS3550 Final Project

    • 4998 Words
    • 19 Pages

    The purpose of this paper is to develop an information security policy that defines the requirements to make our organization's computer network compliant with National Institute of Standards and Technology (NIST) Security Standards. NIST regulations and instructions were reviewed in order to develop the requirements that are stated in this policy. The source documents used can be found in the references section.…

    • 4998 Words
    • 19 Pages
    Powerful Essays
  • Powerful Essays

    Due in Week Nine: Write 3 to 4 paragraphs giving a bottom-line summary of the specific measureable goals and objectives of the security plan, which can be implemented to define optimal security architecture for the selected business scenario.…

    • 4827 Words
    • 20 Pages
    Powerful Essays
  • Powerful Essays

    Nt1310 Unit 1 Assignment 1

    • 1434 Words
    • 6 Pages

    Information has become the most valuable asset of any organization. And keeping that information secure is a major factor in the design and development of any computer system. Security is defined by Merriam-Webster as “the state of being protected or safe from harm”. It is up to every organization to insure that their data is protected, and that nothing that is harmful to the company or its clients is compromised.…

    • 1434 Words
    • 6 Pages
    Powerful Essays
  • Satisfactory Essays

    Imagine University of Phoenix’s IT department has hired you. Your first task is to make sure the department is following the most important information security practices.…

    • 598 Words
    • 3 Pages
    Satisfactory Essays
  • Good Essays

    BSA/310

    • 674 Words
    • 3 Pages

    In business, an information security is a set of policies to protect the companies and small businesses infrastructure, physical, and information technology assets, and to ensure that information technology users within the domain of the companies and small businesses comply with the rules and guidelines related to the security of the information stored digitally at any network within the boundaries of authority. In short, it can protect data from the outside and even inside threat. The data and information, which the companies and small businesses have, are arguably the most important assets. They should ensure the data confidentiality, integrity, availability, non-repudiation, authentication, and authorization. Most small businesses and companies must have information security to ensure their business and information assets. Information security protects data and controls how it should be distributed within or without the businesses boundaries. This means that information should be encrypted and may have restrictions placed on its distribution to the third party. Information security should protect the data from the outside threats such as:…

    • 674 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    NT2580

    • 1232 Words
    • 14 Pages

    ISS Information Systems Information NT2580 Introduction to Information Security © ITT Educational Services, Inc. All rights reserved. Page 5…

    • 1232 Words
    • 14 Pages
    Satisfactory Essays
  • Good Essays

    Often Information Technology Directors overlook that information security is more of a people issue rather than a technology issue. We rely heavily on people’s awareness, ethics and behavior, and an understanding of what they want to achieve is essential to accomplish the goals of business. This includes the employees that deliver services and the customers that take advantage of them, as well as the senior executives that outline the budgets.…

    • 801 Words
    • 4 Pages
    Good Essays
  • Good Essays

    Resident Evil 5 Analysis

    • 470 Words
    • 2 Pages

    In the article of Andre Brock, dated 2011, When keeping it real goes wrong: Resident Evil 5, Racial Representations, and Games, the following is a summary of the article in which it focuses on the representation of the game Resident Evil 5 describing the features or stereotypical strategies used to establish Sheva Alomar’s character.…

    • 470 Words
    • 2 Pages
    Good Essays
  • Better Essays

    Final Project

    • 4129 Words
    • 13 Pages

    An effective IT Security policy protects the organization against possible threats to the infrastructure and data that the organization has. It will provide and maintain its ability to provide confidentiality, integrity, availability, and security of the client’s data within the organization’s environment.…

    • 4129 Words
    • 13 Pages
    Better Essays
  • Good Essays

    References: Johnson, Rob. with Merkow, Mike. Security Policies and Implementation Issues. First Edition. Copyright © 2011by Jones & Bartlett Learning, LLC, an Ascend Learning company…

    • 577 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    Discussion 1

    • 396 Words
    • 2 Pages

    From a management perspective, analyze the overall industry requirements and major organizational challenges of forming a sound information security program, and ascertain the fundamental manner in which regulations and compliancy may factor into the challenges in question.…

    • 396 Words
    • 2 Pages
    Satisfactory Essays