Find This Guidelines in Developing Information Security Policy For Your Organization

In 1858, a telegram of 98 words from Queen Victoria to President James Buchanan of the United States opened a new era in global communication. The queen's message of congratulation took 16½ hours to transmit through the new transatlantic telegraph cable. The president then sent a reply of 143 words back to the queen. Normally, without the cable, a dispatch in one direction would have taken perhaps 12 days by the speediest combination of inland telegraph and fast steamer.

Today, the speed of your message from UK to US could be as fast as you click the "send" button if you send a message via E-mail. In business, the corporate and the organizations depend on the reliability of the system information. Information is an asset which, like other important business assets, has value to the corporate and consequently needs to be suitably protected in reference to the management of the information security. Information security protects information from a wide range of threats in order to ensure business continuity and minimize business damage. Information security is achieved by implementing a suitable set of controls in the form of policies, procedures, organizational structures, systems and functions to ensure that the security objectives of the organization are met.

Information Security deals with a number of important concepts. Information security is concerned with ensuring the information security of all information and the systems, processes and procedures relating to the management and use of the information. Information may be in hard copy or soft copy stored on various types of information media such as diskettes, compact discs or computer networks.

1. Information has varying degrees of sensitivity and criticality. A great deal of information may need no, or only very low levels of security. However, other information may be commercially sensitive and will require higher levels of security. Information assets must be classified and managed according to their security requirements and to ensure that security controls are commensurate with the security risks. 2. There is increasing dependence on information systems and on the exchange of information between Business Units and with business partners. This brings with it increasing exposure to security threats.

Information security should be applied to all corporate operations. Business Units are responsible for ensuring that their information assets are appropriately protected. All users have responsibility for the information security they utilize, and management must ensure that information security controls are properly implemented. Information security does not ensure security. However, the information security does provide a framework and reference point for management to implement appropriate information security controls, and is a means of raising awareness of users’ responsibilities relating to information security. The potential consequences of an Information Security breach can:

Page 1 of 4 :: First | Last :: Prev | 1 2 3 4 | Next