Information Security For Non-Technical Managers: Analysis
WRITTEN ASSIGNMENT UNIT 7
Question: Submit a written paper which is at least two pages in length, double spaced in Times New Roman (or its equivalent) font which is no greater than 12 points in size. After referring to Chapter 3 of Information Security for Non-Technical Managers, discuss the three main areas of accountability regarding information security. When discussing each area, provide an example from outside the textbook.
STUDENT X
UNIVERSITY OF THE PEOPLE
According to Gelbstein (2013), the three main areas of accountability regarding information security are Enterprise security, Information security and Information Technology security. This paper will define and discuss these three areas of accountability with examples.
By definition, Accountability means that every individual who works with an information system should have specific responsibilities for information assurance. The tasks for which an individual is responsible are part of the …show more content…
An example is the Virginia Information Technology Agency’s IT Security Audit, Monitoring and Logging Policy. It states “The purpose of this policy is to create a prescriptive set of process and procedures, aligned with applicable COV IT security policy and standards, to ensure the Virginia Information Technologies Agency (VITA) develops, disseminates, and updates the IT Security Audit, Monitoring and Logging Policy. This policy and procedure establishes the minimum requirements for the IT Security Audit, Monitoring and Logging Policy.
This policy is intended to meet the control requirements outlined in SEC502, and SEC501, Section 8.3 Audit and Accountability Family, Controls AU-1 through AU-11. All VITA employees (classified, hourly, or business partners) as well as all VITA systems classified as sensitive”. (www.vita.virginia.gov).
INFORMATION TECHNOLOGY
Question: Submit a written paper which is at least two pages in length, double spaced in Times New Roman (or its equivalent) font which is no greater than 12 points in size. After referring to Chapter 3 of Information Security for Non-Technical Managers, discuss the three main areas of accountability regarding information security. When discussing each area, provide an example from outside the textbook.
STUDENT X
UNIVERSITY OF THE PEOPLE
According to Gelbstein (2013), the three main areas of accountability regarding information security are Enterprise security, Information security and Information Technology security. This paper will define and discuss these three areas of accountability with examples.
By definition, Accountability means that every individual who works with an information system should have specific responsibilities for information assurance. The tasks for which an individual is responsible are part of the …show more content…
An example is the Virginia Information Technology Agency’s IT Security Audit, Monitoring and Logging Policy. It states “The purpose of this policy is to create a prescriptive set of process and procedures, aligned with applicable COV IT security policy and standards, to ensure the Virginia Information Technologies Agency (VITA) develops, disseminates, and updates the IT Security Audit, Monitoring and Logging Policy. This policy and procedure establishes the minimum requirements for the IT Security Audit, Monitoring and Logging Policy.
This policy is intended to meet the control requirements outlined in SEC502, and SEC501, Section 8.3 Audit and Accountability Family, Controls AU-1 through AU-11. All VITA employees (classified, hourly, or business partners) as well as all VITA systems classified as sensitive”. (www.vita.virginia.gov).
INFORMATION TECHNOLOGY