Certification And Accreditation In Information Security


1. Discuss your opinion on certification and accreditation being replaced by security control and assessment. Cite examples from peer-reviewed, academic sources.

The field of information security has grown and evolved considerably since the Second World War, becoming a worldwide accredited career. This field offers many specialty areas, including the audit of information systems planning, business continuity, digital forensics and administration of safety management systems. Information security refers to all the preventive and reactive measures in organizations and technological systems that safeguard and protect information in order to maintain its confidentiality, availability and integrity.

Security monitoring systems make it possible to process hundreds of thousands of security events every minute. Monitoring solutions provide for the collection, processing and storage of security events, which may come from different sources. The introduction of a monitoring system enables us to automate the process of decision-making in response to events associated with a breach of security. Proper management of information security seeks to establish and maintain programs, policies and controls that are designed to preserve the confidentiality, integrity and availability of information. It should be noted that security is not a milestone; rather, it is a continuous process that must be managed with constant awareness of the vulnerabilities and threats that attach to any information, taking into account the causes of risk and the impact it can have (Gorman, 2002).

Information Security Management Systems (ISMS) are the most effective means of minimizing risk: they ensure that assets and risks are identified and valued, considering the impact on the organization, and that the controls and procedures adopted are effective and consistent with business strategy. Effective management of information security can guarantee:

Confidentiality, ensuring that only authorized persons have access to information,

Integrity, ensuring that information and processing methods are ...