IT Risk Management: Information Systems Security Policy

Question:
Discuss the IT risk management of an information systems security policy.

 
Answer:
Forum Post 1
Information Security Basics

The information technology landscape is changing day by day, in terms of information security, as cyber threats evolve (Boehm, 2012). The threat landscape has evolved to include a range of devices as well as sophisticated targeted attacks that need legitimate access to the corporate network. Previously, people dealt with viruses that were designed for various purposes so that attackers could control PCs. At present, people deal with viruses that act as extortion tools and cyber-weapons.

As per the CNSS model, confidentiality, integrity, availability, privacy and identification are the major threats or risks in regard to information security. Confidentiality permits only the users to view information (Peltier, 2013). In terms of integrity, a virus can be designed to corrupt data. Privacy means that information is used only in ways approved by the individual. Through identification, an information system is capable of recognizing individual users.

Because of the threats or risks present in an information system, data on a user's computer are corrupted, computer security is weakened, and other computers can also be infected (Peltier, 2016). These security risks can seriously impair computer performance, network use and business operations while performing tasks that are not known to the users of an infected computer.

The information system's extended characteristics are known as the “Six Ps”: Planning, Policy, Programs, Protection, People and Projects. Information security threats or risks can be minimized and mitigated by improving the Six Ps and making them stricter (Von Solms & Van Niekerk, 2013). The IT management team should ensure effective and efficient information processing with the help of these six factors. Each of the mechanisms represents some of the management aspects of particular controls in the overall InfoSec plan.

Forum Post 2
Information Security Planning

Patching is a problematic activity: upgrades and patches are required to improve software, but they may also disrupt a running system if they are not examined properly, and they may cause unintended issues on the patched system or on a system that depends on the patched or upgraded system. Nevertheless, security patches and upgrades should always be installed unless the risk of applying the patch is higher than the risk of being compromised (Vacca, 2012). According to security researchers, installing software and system updates is the best defence against the most common malware and viruses, specifically for computers running Windows (Ifinedo, 2012). Software makers often release updates to address particular security threats that have come to their attention. By downloading and installing software and system updates, users can patch the vulnerabilities that virus writers rely on to infect users' PCs.

 

To develop a better approach, patch management should be practised. Six steps are significant in developing such an approach:

  • Step 1: Develop an up-to-date inventory of all production systems, including OS types and versions, custodian, physical location, function and IP addresses.
  • Step 2: Devise a plan to standardize the production systems on the same OS version and application software (Boehm, 2012).
  • Step 3: Make a list of all the security controls that are in place, such as AV, IDSes, firewalls, routers and others.
  • Step 4: Compare the reported vulnerabilities or risks against the control list and the inventory list.
  • Step 5: Clarify the risks or threats, and assess the vulnerabilities and the likelihood of an attack (Peltier, 2013).
  • Step 6: Apply and deploy the patch without disrupting production or uptime.
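
Steps 1 to 5 expressed as code (an added example, not part of the original answer): it flags OS version drift for Step 2, matches reported vulnerabilities against the inventory and each host's controls for Steps 3 and 4, and orders the patch queue by a severity-times-likelihood score for Step 5. The host records, advisory identifiers, field names and scoring scale are constructed assumptions; Step 6 (deployment) is not covered.

```python
from collections import namedtuple

# Step 1 inventory row; `controls` holds the Step 3 security controls per host.
Host = namedtuple("Host", "name os os_version custodian location function ip controls")
# Reported vulnerability (hypothetical schema): fixed_in is the first fixed OS
# version, severity runs 1-5, mitigated_by lists controls that lower likelihood.
Advisory = namedtuple("Advisory", "ident os fixed_in severity mitigated_by")

def version(text):
    """Turn '5.4.2' into (5, 4, 2) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def version_drift(hosts):
    """Step 2: OS families that run more than one version."""
    seen = {}
    for host in hosts:
        seen.setdefault(host.os, set()).add(host.os_version)
    return {os: sorted(v, key=version) for os, v in seen.items() if len(v) > 1}

def patch_queue(hosts, advisories):
    """Steps 4-5: match advisories to hosts, score the risk, highest first."""
    queue = []
    for host in hosts:
        for adv in advisories:
            if host.os != adv.os or version(host.os_version) >= adv.fixed_in:
                continue  # other platform, or the fix is already installed
            # Assumed scale: likelihood starts at 3, minus 1 per mitigating control.
            likelihood = max(1, 3 - len(host.controls & adv.mitigated_by))
            queue.append((adv.severity * likelihood, host.name, adv.ident))
    return sorted(queue, key=lambda item: (-item[0], item[1], item[2]))

# Constructed sample data; the advisory identifiers are placeholders.
HOSTS = [
    Host("web01", "linux", "5.4.2", "ops", "dc-a", "web", "10.0.0.11", {"firewall", "ids"}),
    Host("db01", "linux", "5.4.9", "dba", "dc-a", "database", "10.0.0.21", {"firewall"}),
    Host("hr-pc", "windows", "10.0.1", "hr", "office", "desktop", "10.0.5.40", {"av"}),
]
ADVISORIES = [
    Advisory("ADV-EXAMPLE-1", "linux", (5, 4, 5), 5, {"ids", "firewall"}),
    Advisory("ADV-EXAMPLE-2", "windows", (10, 0, 3), 4, {"firewall"}),
]

if __name__ == "__main__":
    print("Version drift:", version_drift(HOSTS))
    for score, host, ident in patch_queue(HOSTS, ADVISORIES):
        print(f"risk={score:2d} host={host} advisory={ident}")
```

The desktop with no mitigating control outranks the more severe server advisory, which is the effect of weighing the control list against the reported vulnerabilities before deciding what to patch first.
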
Information Security Policy and Program

Figure 1: Flowchart to outline slides of a presentation on Security to the NSW

(Source: Created by Author)

Flowchart Description

This flowchart portrays the outline of a presentation on Security that was given to the NSW. It outlines the topics that would be covered in the presentation through its individual slides. Each slide is related to another slide or to the very next slide, and the flowchart demonstrates that relationship both pictorially and hierarchically.

Slide 1: Importance of Information Security – This slide is shown as a process in the flowchart. It gives brief, clear and concise information about the importance of information security in every field of operation.

Slide 2: Introduction to Information Security Program and Policy – This slide is also shown as a process in the flowchart. It is an introductory slide that gives concise information about the information security program and policy. This information can prove very helpful in forming a concept of information security policies and programs.

Slide 3: Necessity of Information Security Program – After the introductory slide, the presentation portrays the necessity of the information security program in the very next slide. The flowchart illustrates this slide as a process. The slide aims to demonstrate why every organization needs to have a security program. No matter how small or large an organization is, its people need a plan for ensuring the security of the company's information assets. The slide therefore establishes this fact with a proper definition of an Information Security Program.

Slide 4: External Operational Confidentiality OF Terminal Software – This slide introduces a specific information security program in the presentation, and it is also shown as a process in the flowchart. It gives a brief introduction to this software, which helps to form a concept of the functionality and advantage of the software as an information security program.

Slide 5: Categorization – This slide shows the categorization of the External Operational Confidentiality OF Terminal Software based on its functionalities or operations, and it names the classifications. The three categories are External Operational Confidentiality OF Terminal Software for Storage, External Operational Confidentiality OF Terminal Software for Download and External Operational Confidentiality OF Terminal Software for Update. These three classifications are mentioned in the flowchart in a note under this process.

Slide 6: Features of EOC_OF Terminal Software for Download – This slide is shown as a process in the flowchart. It mentions and discusses the features of EOC_OF Terminal Software for Download, of which there are mainly three: access authorization, limit exposure and encryption.

Slide 7: Functionalities of Authentication and Identification – This slide, drawn as a process in the flowchart, demonstrates the functionalities of authentication and identification. Authentication and identification are the features of access authorization under EOC_OF Terminal Software for Download. The slide states that password authentication, cardkey authentication, biometrics authentication and the digital signature are the major operations under authentication, and that Mutual ID and One Sided ID are the major operations under identification.

Slide 8: Security attacks, threats and requirements – This slide is shown as a process in the flowchart and demonstrates the security attacks, threats and requirements. It has several categories, which are interpreted in the next slides.

Slide 9: Confidentiality – This slide can be considered a sub-process in the flowchart. It demonstrates the features and importance of confidentiality, and it shows the confidentiality points: listening, interactions and planted in system.

Slide 10: Integrity – This slide is shown as a sub-process in the flowchart. It demonstrates the features and importance of integrity, and it shows the integrity points: modification, interactions and planted in systems.

Slide 11: Availability – This slide is shown as a sub-process in the flowchart. It demonstrates the features and importance of availability, and it shows the availability points: interactions, planted in systems and denial of service.

Slide 12: Non-Repudiation – This slide is shown as a sub-process in the flowchart. It demonstrates the features and importance of non-repudiation, and it shows the non-repudiation points: interactions, planted in systems and after-the-fact.

Slide 13: Information Security Policy – This slide gives detailed information about the information security policy that needs to be specified along with the information security program.

Slide 14: Policy Education Technology – This slide gives detailed information about policy education technology and the importance of this technology.

 
References

Boehm, B. (2012). Software risk management. In European Software Engineering Conference (pp. 1-19). Springer Berlin Heidelberg.

Ifinedo, P. (2012). Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory. Computers & Security, 31(1), 83-95.

Peltier, T. R. (2013). Information security fundamentals. CRC Press.

Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for effective information security management. CRC Press.

Vacca, J. R. (2012). Computer and information security handbook. Newnes.

Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security. Computers & Security, 38, 97-102.
