The extended characteristics of information security as proposed by (Whitman, M.E. & Mattord, H.J., 2010) are planning, policy, programs, protection and project management. The authors are highly respected experts in the field of information technology, specifically information systems and security, which lends credibility and authenticity to the proposed theories. The six characteristics will now be explained.
Planning;
Throughout the planning stage in Information Security (InfoSec), the Chief Information Officer (CIO) uses the IT objectives assembled from the business unit plans to create the organisation's IT strategy. The purpose of the IT strategy is to inform the IT functional area.
According to (Whitman, et al., 2010), the IT strategy may be used for information security planning when the Chief Security Information Officer (CSIO) gets involved with the CIO or other executives to develop the strategy for the next lower level.
There are seven types of InfoSec plans:
• Incident Response
• Business continuity
• Disaster recovery
• Policy
• Personnel planning
• Technology rollout
• Training and awareness
Policy;
There are three categories of policy that most enterprise organisations follow. The three policies are as follows:
Enterprise Information Security Policy (EISP)
An enterprise information security policy, also known as an EISP, is known in simpler form as an information security (InfoSec) policy. At a high level, according to (Whitman, et al., 2010), the purpose of the EISP is to guide the development, implementation, and management requirements of the information security program, which must be met by information security management, IT development, IT operations and other specific security functions.
There needs to be strict communication between the top-level executives, including the CISO and CIO, to make sure the EISP supports the organisation's vision and