Threats And Vulnerabilities Analysis Coursework

Threats And Vulnerabilities Analysis - Coursework Example As the result, it is upon the institution to implement policies that would serve best in physical, technical and administrative safeguards of the system. The following section lists a number of policy statements that give the narration of the information security controls that could be used by the institution to implement recommendations for protection. The recommendations focus on major areas of the institutional operations including Institutional Information, Information Systems, Computerized Devices, And Infrastructure Technology. The policy statements are applicable across all departments within the organization and they are categorized in terms of Information Security Plan, Physical Controls, Monitoring Controls, Technical Security and Access Controls, General Operational Controls, and Account and Identity Management Controls.Policy statements Information Security plan The top management is responsible for documenting and overseeing implementation of an Information Security plan . This would help in securing the system and protection of data within the system, thereby thwarting intentions by any intruders. The Plan includes the following: 1.The Security Plan shall delegate and plan responsibilities across the organization to the appropriate people. For instance, this shall cut across system owners and system operators. This way, there will be proper engineering of the system’s operation thereby avoiding vulnerabilities such as poor administrative procedures.