Describe a general plan of action for initiating a security policy, elaborating on each stage that might be undertaken.

What will be an ideal response?


First of all, the need for one must be appreciated, and there must be commitment on the part of
senior managers. Depending on course coverage, an IT security team may be formed to oversee
the development of the policy. They may decide on an information classification exercise for the
area under consideration, then carry out a risk analysis. Following on from this, the policy will be
prepared, specific responsibilities identified, and then standards and procedures formulated for
implementation. The whole process is iterative, the policy should be continually refined. Certain
aspects of the plan should be elaborated, such as, how information might be classified, how risk
analysis might be carried out, what the policy should cover.

Computer Science & Information Technology

You might also like to view...

The only state in which a thread has obtained the GIL is the________state.

a) born. b) ready. c) running. d) None of the above.

Computer Science & Information Technology

A(n) ________ is an individual value in a data series

Fill in the blank(s) with correct word

Computer Science & Information Technology

What type of address is a six-byte numeric address, burned into firmware (on a chip) by network interface manufacturers?

A. symbolic address B. logical numeric address C. reverse proxy address D. physical numeric address

Computer Science & Information Technology

A graphic that is aligned with text is known as a(n) ____________________ graphic.

Fill in the blank(s) with the appropriate word(s).

Computer Science & Information Technology