Policy Example SunSpot Credit Union Computer Incident Response Team—Access & Authorization Policy 1.0 Policy Statement This policy applies to SunSpot Credit Union employees, temporary workers, contractors, and consultants who use or access SunSpot Credit Union information systems and computers. 2.0 Purpose/Objectives Definitions for this policy are as follows: SunSpot Credit Union: (SCU). Incident Response Team:… Read More »
The Governance of Cloud-Based Systems The Dot Com crash of 2000 and corporate scandals such as Enron highlighted the need for better laws to oversee financial organizations, and also highlighted the need for better corporate governance. IT Governance is the part of corporate governance that includes policies, procedures, and controls that relate to information systems use, performance, Return… Read More »
Ethics Related to the Collection of Information The following are ethics that must be addressed when information systems are designed, and how they relate to the Confidentiality, Integrity, Availability (CIA) security concept. The first concern related to ethics is; who benefits from the information collected? The applicable area of the CIA security triad is confidentiality. Information collected for… Read More »
Consumer Privacy Bill of Rights Introduction The Consumer Privacy Bill of Rights (CPBR) was proposed as a draft bill by President Obama on 27 February 2015. The CPBR is intended as a law that will govern the collection and dissemination of consumer data. The Obama administration re-introduced the CPBR as an enhancement to the Data Security and… Read More »
The Concept of Safe Harbor The concept of “Safe Harbor” refers to specific actions, example; encryption of private data, that an individual or an organization can take to show a good-faith effort in complying with the law. This good-faith effort provides a person or organization “Safe Harbor” against prosecution under the law (Grama, 2015, pg.253). The State of… Read More »