Q1. Discuss the purpose of an Information Security Policy and how it fits into an effective information security architecture. Your discussion should include the different levels of policies and what should be covered in an information security policy.
Q2. Discuss how an organization can apply the information life cycle to protect information. Make sure you discuss the different states of data and protection measures for those states.
Assignment Formatting Requirements:
- APA Standard 1-inch margins all around
- Standard font (e.g., Arial, Times Roman, Calibri, Tahoma, etc.)
- 12-pt font size
- Double-spaced
- No cover page – use a simple heading at the top of the first page with Course #/Title, Exam Name, Your Name, and Date (this heading can be left-justified, centered or right-justified)
- No Abstract
- Identify the question number for each response (e.g., “Essay Question #1”) – do not repeat the actual question text
- When using external sources, list the references immediately following the end of the essay question where used (do not put all references at the end of the document)
- Start Q2 on a new page
Answer preview
confidentiality, integrity and availability of data within the organization. The other element is authority and access control policy with which the manager may have the authority to decide what data can be shared and with whom. There are several purposes of an information security policy which include the following. The major objective is to enact data protection (Srinivas, Das, & Kumar, 2019). Secondly, it establishes a detailed procedure for information security, creating an effective model for organizational information security. The other purpose is that it detects the misuse of information caused by third-party vendors. Lastly, it provides effective mechanisms to respond to inquiries and complaints on non-compliance with security requirements and data protection.
[597 Words]