Question

Information security principles provide the basis for security standards. There are several entities and governing bodies that create standards and regulations for use with information security.

Explain the design methodology, implementation approach, and the person who is involved in designing a good information security system for an organization. (20 marks)

Learning Outcome:

Explain the basic principles and techniques in designing a secure system

Answer #1

Please upvote if you are able to understand this and if there is any query do mention it in the comment section.

Design methodology - This refers to the development of some kind of system for some unique web design or information design. The design methodology aims at finding the best solution for a given design solution.

Implementation approach - This approach describes exactly how the actions are required to be performed and how the decisions are required to be taken so that the organization can move from ideas to achieving them in reality. The implementation approach also describes how all the strategies that were made will be executed in reality.

Within an organization, everyone, such as employees and managers, can be responsible for designing a good information security system. The organization has to ensure that any individual who will be representing the organization is sufficiently trained in information security. The implementation approaches are: bottom-up approach and top-down approach.

Bottom-up approach - In this approach, the entire organization has to show their participation in the process which will lead the organization to success. The bottom-up approach allows every employee of the organization to accomplish their goals and also whatever objective has been set. Example - There are organizations in which only seniors are allowed to participate in the decision-making process. But in organizations in which the bottom-up approach is followed, everyone participates in the decision-making process.

Top-down approach - In this approach, the seniors, like the CEO or chairman of the organization, take decisions for the entire organization. The actions that have been declared by the seniors are required to be carried out by the entire organization, as first the action is executed by middle management, then by the management at the bottom. Example - Organizations follow this approach as following this approach sets an execution ladder in a structural way.

Basic principles in designing a secure system are:

Integrity - The data that is being transferred or shared is not supposed to be tampered with or modified by any unauthenticated users or any third party.

Confidentiality - Only users who are authenticated are allowed to have access to data and anyone else is not permitted to have access to the data.

Availability - The data should be available only to the authenticated users whenever they need it, exactly on time, neither too late nor too late.

Techniques for designing a secure system can be:

  • Separating the individuals according to their duties will make sure that no individual can perform any act of deception that can cause harm to the system.
  • Avoiding security controls that are very complex or sophisticated, as such an architecture can lead to a large number of errors in the security systems in the future.