An effective IT Security policy protects the organization against possible threats to its infrastructure and data. It maintains the organization's ability to provide confidentiality, integrity, availability, and security of the client’s data within the organization’s environment.
Overview
The IT Security and Compliance policy for LenderLive Network Inc. will detail the policies, procedures, and guidelines that the organization will adhere to in order to ensure compliance with the Gramm-Leach-Bliley Act (GLBA) and the Federal Trade Commission’s Safeguards Rule. It describes the elements by which the organization intends to ensure the security and confidentiality of covered records, protect against any anticipated threats or hazards to the security of the records, and protect against unauthorized access or use of records or information in ways that could result in harm to clients.
Purpose
The purpose of this policy is to define the policies, procedures, and guidelines that will be adhered to and enforced within LenderLive Network Inc.
Risk Analysis
Overview
The risk analysis will use the Strengths, Weaknesses, Opportunities and Threats (SWOT) format to analyze the risks that could face the organization.
Purpose
The purpose of the risk analysis is to provide a detailed analysis of the possible threats and risks associated with the organization and the controls needed to mitigate these threats.
Risks that LenderLive Network considers on a normal basis include users leaving computers unsecured when they walk away and not using proper storage techniques for their passwords, i.e., storing them in plain sight. Users of LenderLive Network also have issues with leaving client personal information in open view when they leave their desks or when they leave for the night. Tailgating, that is, entering the office area without swiping the secured badge, is another issue that many employees of LenderLive Network have been accused of and guilty of.
Cited:
Anton, A. (2012). Lenderlive: Due Diligence Manual. Glendale.
Board, P. C. (2008, October). PCI Compliance Guide.
Congress, 1. (1999, November 12). Gramm-Leach-Bliley Act.
Montagu, A. (2001). The Free Dictionary. Retrieved from legal-dictionary.thefreedictionary.com: http://legal-dictionary.thefreedictionary.com/Intellectual+Property