KINDLY JUST REACT TO THESE FOUR FROM THE TUTORS VIEW POINT EACH FOR 63 WORDS IS FINE WITHOUT USING REFERENCE THANKS A LOT
1)
The five elements of information security governance include confidentiality, which means that all information should be kept private and confidential. People who can access the data should be licensed so that other unwarranted people cannot access it. Secondly, integrity will ensure that the information is intact, complete, and in the correct format. The information technology system should ensure that no unauthorized changes can be made to the data to remain authentic, accurate, and reliable (Schuberth, 2018). The third element is available, allowing the licensed user to quickly access the information when required. Availability is the declaration that the systems accountable for distributing, storing, and dispensing information are reachable when required by lawful users. Availability means data is accessible by licensed users. The fourth element is authenticity. This means that the information system has a hierarchical pattern that must be followed to access the information. It implies that low-hierarchy users cannot share information unless approved by high-hierarchy users (Sperling & Webber, 2019). The user must provide an identity to access any information that is classified as confidential. The fifth element is non-repudiation. This ensures that someone who uses the information cannot deny the validity of anything in the report. It may be a legal thought that’s extensively used in data security and refers to a service that delivers impermeable of the origin of data and thetruthfulness of the information.
Internal and external drivers shape a corporate security program. Internally, they include profit goals, mission, and office politics. External drivers include markets, laws, taxes, competition, customer needs, and technological changes. Profit meant that the company had to adopt security mechanisms to ensure that it did not incur losses due to technical issues (Sperling & Webber, 2019). The mission of the company defines what the company wants to attain. This means that the company has to align its security requirements with the mission statement company. The politics of the offices focuses on understanding how people relate to each other. For example, people may share confidential information with outsiders if the relationship is not cordial. Externally, regulations and laws may shape the type of security governance policies implemented. For instance, no organization can implement security governance that violates privacy and HIPAA laws in America (Schuberth, 2018). Taxes will force the organization to enforce policies that reduce risks, influencing security governance. The competition will also influence security governance as the organization will ensure that it has a security system that protects its intellectual properties.
References
Schuberth, M. (2018). Hybrid security governance, post-election violence and the legitimacy of community-based armed groups in urban Kenya.Journal of Eastern African Studies,12(2), 386-404.
Sperling, J., & Webber, M. (2019). The European Union: security governance and collective securitization.West European Politics,42(2), 228-260.
ReplyMark as UnreadReport Abuse
2)
The five new elements of the information security governance framework is confidentiality, integrity , availability, authenticity and non-repudiation. Confidentiality, is knowing that the information that personnel who are authorized have to that information and access to it.Information that is confidential should be given to those personnel who has access should not be given to others. Integrity, Integrity is being trust worthy that data will be handle properly assured that information is accurate. Integrity assures that personnel that maintains data is consistent and is protected and that ensures that only authorized personnel is authorized to update that information. Availability, is knowing that the systems are processing information that is accessible to authorized personnel. Availability is the information being is available to licensed users. Authenticity, this where the user proves they are who they say they are. The user will confirm their identity by bio-metrics, authenticity by way data and documents. Non-repudiation, it would be hard to deny where the message was originated from and also its authenticity. This is where the originator can't deny sending the message and the receiver can't deny receiving that message.
The external/ internal drivers that help shape a corporate security program, are things like people their mission and goals they have. External drivers are things like the market, types of competition, technology and customers. For instance every business has some sort of mission statement that tells the customers they are a trustworthy company. How will the company maintain its security posture for its customers and protect their sensitive information. Externally maintain good relations with competition, and security polices are being followed.
References
Top 5 Elements of an Information Security,
https://info-savvy.com/top-5-key-elements-of-an-information-security/
Goodes.R, 2021, Creating Security Policies that are the Core of a Rock-Solid Corporate Security Program
https://info-savvy.com/top-5-key-elements-of-an-information-security/
3. What are the external and internal drivers that help shape a corporate security program?
4. What are some of the new elements of the Information Security Governance framework