Page 17 - DCAP516_COMPUTER_SECURITY
P. 17
Avinash Bhagat, Lovely Professional University
Unit 2: Information Security Policies
Unit 2: Information Security Policies Notes
CONTENTS
Objectives
Introduction
2.1 Why Do You Need Security Policy?
2.2 What is a Security Policy?
2.2.1 Requirements of the Policy
2.2.2 Policy Definitions
2.2.3 Policy Wording Suggestions
2.3 Information Security
2.4 Core Concepts of Information Security
2.4.1 Confidentiality
2.4.2 Integrity
2.4.3 Availability
2.5 Computer Security Policy Categories for an Organization
2.5.1 User Policies
2.5.2 IT Policies
2.5.3 General Policies
2.6 Summary
2.7 Keywords
2.8 Review Questions
2.9 Further Readings
Objectives
After studying this unit, you will be able to:
Understand the meaning, role and importance of information security
Identify the significance and ways to protect confidentiality
Learn about the meaning and importance of integrity
Comprehend the meaning and significance of availability
Introduction
Although the importance of information security for businesses is increasingly recognized, the
complexity of issues involved means that the size and shape of information security policies
may vary widely from company to company. This may depend on many factors, including the
size of the company, the sensitivity of the business information they own and deal with in their
marketplace, and the numbers and types of information and computing systems they use. For a
LOVELY PROFESSIONAL UNIVERSITY 11
