Professional Documents
Culture Documents
1
Managing Security
Managing Security
Introduction
The deployment of security measures (and of IT in general) is a management
decision. Technical security measures have to work hand in hand with
organizational measures to be effective. Management decisions should be
underpinned by some analysis of current risks and threats.
Online payment is one of the best use of the internet, online payment refers
to money that is exchanged electronically. Typically, this involves use of
computer networks, the internet and digital stored value systems.
Advantages of using online payment includes save time and money because
you can browse the products and see discounted items, you see other
products available in other country so you have choice to select and at the
same time select from different vendors.
One of the risk of using online payment or online services is Identify theft,
where someone else’s can gain access to resources or services and exploit
weakness.
Course Module
to commit a crime under the victim’s name, leaving the victim holding the
bag. When this occurs, it may be difficult for the victim to clear his name
completely, as it is an extensive process that involves the court system.
Security Management
Security management is the identification of an organization's assets
(including information assets), followed by the development, documentation,
and implementation of policies and procedures for protecting these assets.
An organization uses such security management procedures as information
classification, risk assessment, and risk analysis to identify threats, categories
assets, and rate system vulnerabilities so that they can implement effective
controls
Internal
1. Strategic: R&D
2. Operational: Systems and process (H&R, Payroll)
3. Financial: Liquidity, cash flow
4. Hazard: Safety and security; employees and equipment
5. Compliance: Actual or potential changes in the organization’s systems,
processes, suppliers, etc. may create exposure to a legal or regulatory
non-compliance.
Security policy
Security policy is a definition of what it means to be secure for a system,
organization or other entity. For an organization, it addresses the constraints
on behavior of its members as well as constraints imposed on adversaries by
mechanisms such as doors, locks, keys and walls.
the technology is addressed. Often, the users are prohibited from using the
information in a manner that can harm others.