Tag Archives: information

Security Policy Example – IRT Access & Authorization Policy

Policy Example   SunSpot Credit Union Computer Incident Response Team—Access & Authorization Policy   1.0       Policy Statement This policy applies to SunSpot Credit Union employees, temporary workers, contractors, and consultants who use or access SunSpot Credit Union information systems and computers.   2.0       Purpose/Objectives Definitions for this policy are as follows: SunSpot Credit Union: (SCU). Incident Response Team:… Read More »

IT & Security Framework and Policy Development Team

The IT security policy framework is the foundation of an organizations information security program. The framework consists of a library of documents, but is just not a collection of documents. The framework and its documents are used to build an organizations processes, determine appropriate technologies to use, and lay the foundation for policy enforcement. The framework is a… Read More »

Security+ SY0-401 General Information & Characteristics

Security+ General Information The CompTIA Security+ Certification is often a first step towards more advanced security certifications.   About The CompTIA Security+ certification is a vendor-neutral, internationally recognized credential used by organizations and security professionals around the globe to validate foundation level security skills and knowledge. Candidates are encouraged to use this document to help prepare for CompTIA  security+… Read More »

Ethics Related to the Collection of Information

Ethical considerations play a vital role in the design of information systems, particularly in relation to the Confidentiality, Integrity, Availability (CIA) security concept. This article explores various ethical issues that must be addressed in information system design and their relevance to the CIA security triad. It delves into concerns such as the beneficiaries of collected information, privacy and confidentiality of user data, accuracy of information, property and ownership rights, accessibility controls, the purpose of information usage, system availability, and categorization for maintaining integrity. Understanding and addressing these ethical aspects is crucial for ensuring the responsible and secure handling of information within organizations.