Scribd Logo
Upload

Welcome to Scribd!

  • 7 views

    Case Analysis

    Uploaded by

    ace
    Kevin, a security administrator, needs to classify the information accessible to him using either commercial/private or government/military classification levels. As the general manager of IT security, Hilda Jacobs is concerned about stringent legal requirements for data protection given Nutri's increased collection of customer information. The first step she must take is to create a data management policy to guide the organization's overall program. Hilda Jacobs selected data security controls for data at rest and in transit based on risk. She created a best practices document referring to ISO/IEC 27001 for implementing an Information Security Management System.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Case Analysis

    Uploaded by

    ace
    7 views1 page
    Kevin, a security administrator, needs to classify the information accessible to him using either commercial/private or government/military classification levels. As the general manager of IT security, Hilda Jacobs is concerned about stringent legal requirements for data protection given Nutri's increased collection of customer information. The first step she must take is to create a data management policy to guide the organization's overall program. Hilda Jacobs selected data security controls for data at rest and in transit based on risk. She created a best practices document referring to ISO/IEC 27001 for implementing an Information Security Management System.

    Original Description:

    Original Title

    CASE ANALYSIS.docx

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Kevin, a security administrator, needs to classify the information accessible to him using either commercial/private or government/military classification levels. As the general manager of IT security, Hilda Jacobs is concerned about stringent legal requirements for data protection given Nutri's increased collection of customer information. The first step she must take is to create a data management policy to guide the organization's overall program. Hilda Jacobs selected data security controls for data at rest and in transit based on risk. She created a best practices document referring to ISO/IEC 27001 for implementing an Information Security Management System.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    7 views1 page

    Case Analysis

    Uploaded by

    ace
    Kevin, a security administrator, needs to classify the information accessible to him using either commercial/private or government/military classification levels. As the general manager of IT security, Hilda Jacobs is concerned about stringent legal requirements for data protection given Nutri's increased collection of customer information. The first step she must take is to create a data management policy to guide the organization's overall program. Hilda Jacobs selected data security controls for data at rest and in transit based on risk. She created a best practices document referring to ISO/IEC 27001 for implementing an Information Security Management System.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 1

    Case Analysis –

    Asset Security
    Answer the following:
    1. Network Firewalls division has a lot of information that is created and maintained. However,
    Kevin, a Security Administrator at Nutri Worldwide Inc., recognizes that not all the information
    is critical, and would like to do a high-level classification of the information accessible to him.
    Question: What are the different information classification levels Kevin has to use?
    Commercial or Private Sector Classification
    Government or Military Sector Classification

    2. With the rapid expansion in the collection and storage of digitized personal information of
    customers at Nutri Worldwide Inc., the issue of privacy has gained significance.
    As the General Manager of IT security, Hilda Jacobs is concerned as there are very stringent
    legal and regulatory requirements for the protection of privacy and data. She decides to
    implement a data management process in the organization.
    Question: What is the first step Hilda must undertake to kick-start the data management
    process at Nutri World Inc.?
    Create a data management policy which will guide the overall data
    management program in the organization.

    3. Hilda Jacobs, General Manager – IT Security at Nutri Worldwide Inc., was given the
    responsibility of selecting appropriate data security controls as part of asset security.
    Hilda selected the controls according to the organization's different requirements for the data
    at rest and data in transit based on the existing risk. She also created a best practices
    document by referring to available standards for data security.
    Question: For implementing Information Security Management System, Hilda Jacobs
    should refer to which standard?
    ISO/IEC 27001

    You might also like