Information Security Management ( Study Case ) Essay

Information Security Management ( Study Case ) - Essay Example Charlie must adopt some personal strategy to make top management realize the need and significance of information technology in their firm. He must explain them the benefits of adopting information security by comparing their firm with other firms. b) The most important advice to Iris: The most important advice is to make the top management understand the need for information security. From the illustration, it is understood that Random Widget Works gives the least priority to information security. Making the management understand its importance will let the management take initiatives for framing new policies and allocating ample resources to give security to data and information. C5 a) Confidential Information Confidential Information denotes the documents that should not be shared with anyone outside the organization. Example Documents that can be classified â€Å"Confidential’ Strategic Planning Document Technical documents Information about clients Sensitive Information: Sensitive Information denotes the set of documents that require special attention and have to be prevented from unauthorized access, use or disclosure. Sensitive information can be either confidential or public. However, a high level of integrity is to be maintained in case of sensitive information (chapter 5). ... These documents are issued exclusively released with the intention of giving the public some information about the company. Example Documents that can be classified â€Å"Public† Profit and loss account statement Balance sheet statement Registration details of the company b) Label scheme to associate with classification system: The security labels are a must for all documents in order to get security clearance. Any security label has the following four components. Security Policy. Classification. Categories Privacy Mark There are different labeling schemes followed by different organizations. However, for Random Widget works, the following schemes would be helpful. Confidential information: Confidential documents must be bound with white cover, with the text â€Å"CONFIDENTIAL†, stamped diagonally across the document in red color. Sensitive Information: Sensitive information has to be covered with white wrapper with the text â€Å"SENSITIVE† stamped diagonally ac ross the document in yellow color. Public Information: Public documents may or may not have stamps labeled on them. However, a green color stamp will let the user easily identify that the document could be released for public use. C6 a) Incident or Disaster? The current occurrence was just an â€Å"Incident† as per Iris’s point of view. According to our case, both Joel and Harry had saved their documents and sent ‘to the print server. There were 80% chances of recovery of data. This would have been called a â€Å"disaster†, if there were no chances of recovery of data. Had it been a disaster Iris would have delegated responsibilities to Harry and Joel. Recovery of data holds great significance in organizations as most of the data are confidential and contains secure information that can cause a disaster