07-08-2012, 03:34 PM
HMM TECH SECURITY SOLUTIONS
IIS ASSIGNMENT.docx (Size: 27.13 KB / Downloads: 29)
Abstract
An information security policy refers to a set of rules and practices that define how sensitive data and information of an organization should be managed, protected and distributed within and without that particular organization. There are different aspects of an information security police which include:-
(i) Labelling of information
(ii) Modification of information
(iii) Accountability
(iv) Ownership
It is important for an organization to classify and identify the senior management and owner of information as all types of information that an organization stores is not equal and therefore require different levels of protection. This security policy therefore defines the authority and delegation of authority for the policies. The rules and responsibilities of each type of user involved in the security policy is clearly defined. The security policy has been developed to ensure data integrity and confidentiality of all computer systems in this organization.
Executive summary
This regulation has been developed to ensure data integrity and confidentiality of all computer systems at the HMM TECH SECURITY SOLUTIONS. This document provides guidelines for classification of data resources retrieval and dissemination of data by different users in the firm. The policies seeks to ensure that all information technology and telecommunication (IT&T) resources are safe and ensure security measures have been put in place to protect the resources against any form of security breach, damage of data, systems, application equipment and telecommunication. The security policy document also outlines the firm’s security missions, goals, scope and responsibilities of various users of computers system, discretion and dissemination of client and employee information.
POLICY STATEMENT
HMM tech security solutions firm has implemented basic security policies and controls that govern end user computing operations, and management has the authority to evaluate the risks associated with end user computing. The purpose of this policy is to establish general guidelines for maintaining an end user computing environment within the firm that is controlled, consistent, and secure and that will enhance the productivity of end users. Information is a critical asset of Hmm tech firm. Accurate, timely, relevant, and properly protected information is essential to the success of the firms. The firm is committed to ensuring all accesses to, uses of, and processing of information is performed in a secure manner. These Information Systems in the firm include all Infrastructure, networks, hardware, and software, which are used to manipulate process, transport or store Information owned by the firm.
Information Systems Department
The information systems department is responsible for supporting and coordinating the day-to-day operation of the end user computing environment in a manner that is consistent and in compliance with the approved policies and procedures. The information systems department should monitor and review the activities of end users to ensure that they are adhering to the HMM firm policies and procedures.