Scribd Logo
Upload

Welcome to Scribd!

  • 14 views

    Self - Serving Attribution

    Uploaded by

    Maher Aljahdali
    This document summarizes an IT governance framework that combines ISO/IE and security policy frameworks. It outlines three key areas: [1] Security Policy which defines regulations and responsibilities around acceptable use, email, and HIPAA compliance; [2] Operational Security which sets responsibilities for ID management, device configuration, antivirus, firewalls, and data encryption; [3] Emergency Security which is responsible for backups, maintaining systems during emergencies, and having full permissions to respond to emergencies through changes, closures, and updates. Overall the framework divides responsibilities for standards, operational security, and emergency response.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Self - Serving Attribution

    Uploaded by

    Maher Aljahdali
    14 views4 pages
    This document summarizes an IT governance framework that combines ISO/IE and security policy frameworks. It outlines three key areas: [1] Security Policy which defines regulations and responsibilities around acceptable use, email, and HIPAA compliance; [2] Operational Security which sets responsibilities for ID management, device configuration, antivirus, firewalls, and data encryption; [3] Emergency Security which is responsible for backups, maintaining systems during emergencies, and having full permissions to respond to emergencies through changes, closures, and updates. Overall the framework divides responsibilities for standards, operational security, and emergency response.

    Original Description:

    IT Self- Serving Attribution

    Original Title

    Self- Serving Attribution

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document summarizes an IT governance framework that combines ISO/IE and security policy frameworks. It outlines three key areas: [1] Security Policy which defines regulations and responsibilities around acceptable use, email, and HIPAA compliance; [2] Operational Security which sets responsibilities for ID management, device configuration, antivirus, firewalls, and data encryption; [3] Emergency Security which is responsible for backups, maintaining systems during emergencies, and having full permissions to respond to emergencies through changes, closures, and updates. Overall the framework divides responsibilities for standards, operational security, and emergency response.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    14 views4 pages

    Self - Serving Attribution

    Uploaded by

    Maher Aljahdali
    This document summarizes an IT governance framework that combines ISO/IE and security policy frameworks. It outlines three key areas: [1] Security Policy which defines regulations and responsibilities around acceptable use, email, and HIPAA compliance; [2] Operational Security which sets responsibilities for ID management, device configuration, antivirus, firewalls, and data encryption; [3] Emergency Security which is responsible for backups, maintaining systems during emergencies, and having full permissions to respond to emergencies through changes, closures, and updates. Overall the framework divides responsibilities for standards, operational security, and emergency response.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 4

    DoD

    Maher Aljahdali

    IT Governance

    DoD

    Fall 2020
    DoD

    This DOD is a mixed between ISO/IE and security policy framework.

    Security Policy to follow regulations and set responsibility

    regarding the Hospital's goal. A policy of

    acceptable use, email use, and an approach to

    follow HIPAA, procedure on how to use data

    transfer data between two parties, and

    guidelines to the system and awareness.


    Operational Security responsibility to set a system such as ID

    management and do the configuration to the

    devices and guard the devices with antivirus

    and firewall, encrypt the data, we use this

    framework is responsible for the physical

    tools and the operating system.


    Emergency Security the framework responsible for backup knows

    how to maintain the system during an

    emergency. The group who knows what to do

    when an emergency happened has the full

    permission to change, close, and update.


    DoD

    The first one is a stander on using the system overall with the regulation, requirement, and

    awareness. In contrast, the second the Operational are the stuff of how is responsible for

    maintenance and minimum-security requirements to the system. Simultaneously, the emergency

    group is accountable for safety. Overall, it has the full permission to change or update and

    respond when an emergency happens, responsible for backup and hot site recovery.
    DoD

    Sources

    https://www.certmike.com/security-policy-framework/

    https://www.itgovernanceusa.com/iso27001

    You might also like