It 244 Final
Associate Level Material
Appendix B
Information Security Policy
Student Name: Ronald Stride
University of Phoenix
IT/244 Intro to IT Security
Instructor’s Name: Scott Smith
Date: January 27, 2013
Table of Contents
1. Executive Summary 1
2. Introduction 1
3. Disaster Recovery Plan 1
3.1. Key elements of the Disaster Recovery Plan 1
3.2. Disaster Recovery Test Plan 1
4. Physical Security Policy 1
4.1. Security of the facilities 1
4.1.1. Physical entry controls 1
4.1.2. Security offices, rooms and facilities 1
4.1.3. Isolated delivery and loading areas 2
4.2. Security of the information systems 2
4.2.1. Workplace protection 2
4.2.2. Unused ports and cabling 2
4.2.3. Network/server equipment 2
4.2.4. Equipment maintenance 2
4.2.5. Security of laptops/roaming equipment 2
5. Access Control Policy 2
6. Network Security Policy 3
7. References 3
Executive Summary
Sunica Music and Movies will be implementing a full security plan to ensure proper handling and access of data in our new system. Vulnerable customer information being properly protected is a top priority for us. An added benefit will be the security and accuracy afforded to employees through this protection.
Customers trust this organization with highly private personal and financial information. That makes it our responsibly to handle that information with the utmost respect and care. Through the controls and procedures outlined in this policy we can achieve those goals.
Employees have the right while being given access to this type of information to also be fully protected. The controls and procedures designated here will also facilitate that. For example leveled access removes temptation to lower level employees and protects them from being accused of infractions not ever in their control.
Here at Sunica we are ready to
Appendix B
Information Security Policy
Student Name: Ronald Stride
University of Phoenix
IT/244 Intro to IT Security
Instructor’s Name: Scott Smith
Date: January 27, 2013
Table of Contents
1. Executive Summary 1
2. Introduction 1
3. Disaster Recovery Plan 1
3.1. Key elements of the Disaster Recovery Plan 1
3.2. Disaster Recovery Test Plan 1
4. Physical Security Policy 1
4.1. Security of the facilities 1
4.1.1. Physical entry controls 1
4.1.2. Security offices, rooms and facilities 1
4.1.3. Isolated delivery and loading areas 2
4.2. Security of the information systems 2
4.2.1. Workplace protection 2
4.2.2. Unused ports and cabling 2
4.2.3. Network/server equipment 2
4.2.4. Equipment maintenance 2
4.2.5. Security of laptops/roaming equipment 2
5. Access Control Policy 2
6. Network Security Policy 3
7. References 3
Executive Summary
Sunica Music and Movies will be implementing a full security plan to ensure proper handling and access of data in our new system. Vulnerable customer information being properly protected is a top priority for us. An added benefit will be the security and accuracy afforded to employees through this protection.
Customers trust this organization with highly private personal and financial information. That makes it our responsibly to handle that information with the utmost respect and care. Through the controls and procedures outlined in this policy we can achieve those goals.
Employees have the right while being given access to this type of information to also be fully protected. The controls and procedures designated here will also facilitate that. For example leveled access removes temptation to lower level employees and protects them from being accused of infractions not ever in their control.
Here at Sunica we are ready to
References: Cite all your references by adding the pertinent information to this section by following this example. American Psychological Association. (2001). Publication manual of the American Psychological Association (5th ed.). Washington, DC: Author. None Applicable