Comparisons of Information Security Management Frameworks
Module 1 Case Job
ITM517: Data Security Guide for Managers and Plan Makers Dr. Kiet Tuan Tran
March 20, 2012
For a business to keep pace with the latest technology and threats, and to remain in compliance with current and foreseeable future regulations or policies, it needs effective management of information security within the organization. Information security management frameworks are based on existing accepted standards, guidelines, and collections of practices that should be implemented in an IT department. I will discuss some frameworks of information security management, their pros and cons, some major perspectives to consider in information security management, and the benefits of information security management frameworks.
Information Security Management Frameworks
NIST SP 800-137 and 800-39 introduce an organization-wide Information Security Continuous Monitoring (ISCM) and risk management framework. ISCM is a strategy that uses a three-tiered approach (organization level, mission/business level, and information system level). ISCM helps maintain ongoing awareness of information security and ensures that the organization's security practice reflects its risk tolerance, helping ensure that accurate, up-to-date information is available to enable timely risk management decisions through the use of automation. An ISCM strategy may not take all of the controls into account, therefore presenting an incomplete picture of an organization's security status and risk. Automation may not cover controls that cannot be automated but still need to be monitored and assessed. These controls that cannot be automated still need to be considered in making the proper risk and security decisions. Another drawback is that risk scores may not be comprehensive because no information is available on certain risks. Likewise, automated...
References:
NIST (2011). Managing Information Security Risk: Organization, Mission, and Information System View. National Institute of Standards and Technology Special Publication 800-39.
NIST (2011). Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations. National Institute of Standards and Technology Special Publication 800-39.
Johnson, L. A. (14 December 2010). Information Security Continuous Monitoring (Ongoing Monitoring in Support of Organizational Risk Management). http://csrc.nist.gov/groups/SMA/forum/documents/Forum-121410-Continuous-Monitoring-AJohnson.pdf
Business Software Alliance (BSA). Information Security Governance: Toward a Framework for Action.
ISACA. Defining Information Security Management Position Requirements. http://raw.rutgers.edu/docs/wcars/20wcars/ISACA/CONTECSI/Defining%20Info%20Sec%20Management.pdf