Q. Find out the top governing strategies used to protect the information in the
organization and how the success of the strategies is measured. You need to find
out 2 strategies.
Ans. Securing information within an organization is essential to uphold
confidentiality, integrity, and availability. Two prominent governance strategies
in the realm of information security are:
Access Control and Authentication:
Description: Access control and authentication constitute foundational
approaches aimed at permitting exclusively authorized individuals or systems to
access sensitive information within an organization. Access control mechanisms
encompass user authentication methods such as passwords, biometrics, and
multi-factor authentication, along with role-based access control (RBAC) and
discretionary access control (DAC).
Implementation: Organizations can execute access control through the
deployment of identity and access management (IAM) systems, directory
services, and controls at the network level. This entails the definition of access
privileges, specifying who can access particular resources and under what
specific circumstances.
Success Measurement: The efficacy of this strategy is typically gauged
through diverse metrics, which encompass:
Access Logs: Thoroughly monitoring and scrutinizing access logs to
detect any unauthorized access attempts or suspicious activities.
Compliance: Ensuring that access control policies adhere to relevant
regulatory requirements and industry standards.
Incident Response: Evaluating the strategy's effectiveness by assessing
its capability to prevent or mitigate security incidents linked to
unauthorized access.
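Added example, not part of the original answer: a short Python sketch of how the access-log metric above can be computed against an RBAC policy, reporting the share of denied requests and which users exceed an alert threshold. The roles, users, log format and threshold are hypothetical, and the log lines are constructed for illustration.

```python
from collections import Counter

# Hypothetical RBAC policy: role -> set of (resource, action) pairs it may perform.
ROLE_PERMISSIONS = {
    "hr_analyst": {("payroll_db", "read")},
    "hr_manager": {("payroll_db", "read"), ("payroll_db", "write")},
    "engineer": {("source_repo", "read"), ("source_repo", "write")},
}
USER_ROLES = {"alice": "hr_manager", "bob": "hr_analyst", "carol": "engineer"}

# Constructed access log (assumed format): timestamp, user, resource, action.
SAMPLE_LOG = """\
2024-05-01T09:00:01Z alice payroll_db write
2024-05-01T09:02:13Z bob payroll_db read
2024-05-01T09:05:40Z bob payroll_db write
2024-05-01T09:05:52Z bob payroll_db write
2024-05-01T09:06:03Z bob payroll_db write
2024-05-01T09:10:27Z carol payroll_db read
2024-05-01T09:11:00Z carol source_repo write
2024-05-01T09:15:45Z mallory payroll_db read
"""

def is_authorized(user, resource, action):
    """Default deny: unknown users and unlisted permissions are rejected."""
    role = USER_ROLES.get(user)
    return (resource, action) in ROLE_PERMISSIONS.get(role, set())

def review_access_log(log_text, alert_threshold=3):
    """Return the denial rate, per-user denial counts, and users to investigate."""
    total, denied = 0, Counter()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed lines rather than guessing their meaning
        _, user, resource, action = fields
        total += 1
        if not is_authorized(user, resource, action):
            denied[user] += 1
    denied_total = sum(denied.values())
    return {
        "total_requests": total,
        "denied_requests": denied_total,
        "denial_rate": denied_total / total if total else 0.0,
        "denied_by_user": dict(denied),
        "investigate": sorted(u for u, n in denied.items() if n >= alert_threshold),
    }

if __name__ == "__main__":
    print(review_access_log(SAMPLE_LOG))
```

Tracked over time, the denial rate and the list of users to investigate give a measurable view of how well the access control policy is working.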
Data Encryption: