Management Of Information Security
6th Edition
ISBN: 9781337405713
Author: WHITMAN, Michael.
Publisher: Cengage Learning,
expand_more
expand_more
format_list_bulleted
Concept explainers
Question
Chapter 5, Problem 1EDM
Program Plan Intro
Code of ethics:
- The “ethics” word comes from the Greek term “duty”.
- The code of ethics means all the responsibilities that professional must respect when carrying out their work.
- It also contains the core value of the work and the behavior which should be adopted.
Example:
Professional and confidentiality secrecy are responsibilities contained in the code of ethics and conduct in numerous professions like accountants, lawyers, doctors and journalists.
Intent of the code of ethics:
- The intent of the code of ethics established by a professional order as a way to safeguard public and the status of the professionals.
- The employee who breach their code of ethics suffer disciplinary actions that can range from a warning or rebuke to dismissal or ejection from their professional order.
Privacy policy:
- A privacy policy denotes a statement that discloses some or all ways an organization would gather, use, disclose and manage data of customers as well as clients.
- It fulfills a legal requirement for protecting privacy of customers as well as clients.
- Personal information denotes anything that could be used to identify an individual.
- It represents a generalized treatment that tends to be more specific and detailed.
- The exact content of certain privacy policy will depend upon applicable law and need to address requirements across all boundaries.
Expert Solution & Answer
Trending nowThis is a popular solution!
Students have asked these similar questions
John just finished his inspection coordinator course. After obtaining his first appointment, he plans to add his personal secretary to the inspection team for the purpose of serving as a session scribe and producing the required reports. He assumes that her participation will free him of the coordination tasks and enable him to conduct the session successfully. Is it advisable to employ a secretary (a non-information technology professional) as a scribe in an inspection session? List the pros and cons of adding such a nonprofessional to the inspection session.
After reading the case presented in the module, write a short response to the following discussion questions and ethical decision making scenario.
Discussion Questions
Before the discussion at the start of this chapter, how do Fred, Gladys, and Charlie each perceive the scope and scale of the new information security effort? Did Fred’s perception change after that?
How should Fred measure success when he evaluates Gladys’ performance for this project? How should he evaluate Charlie’s performance?
Which of the threats discussed in this chapter should receive Charlie’s attention early in his planning process?
a. If you are asked to document the possible items required for system support and security for student attendance management system of University of Nizwa: what are the items you will consider. You must write at least THREE (3) items for each. b. To develop system like attendance monitoring system: what are the iterns you might consider in each part of SWOT analysis. Provide at least TWO (2) possible strengths, weakness. opportunities and threats.
Chapter 5 Solutions
Management Of Information Security
Ch. 5 - Prob. 1RQCh. 5 - Prob. 2RQCh. 5 - Prob. 3RQCh. 5 - Prob. 4RQCh. 5 - Prob. 5RQCh. 5 - Prob. 6RQCh. 5 - Prob. 7RQCh. 5 - Prob. 8RQCh. 5 - Prob. 9RQCh. 5 - Prob. 10RQ
Ch. 5 - Prob. 11RQCh. 5 - Prob. 12RQCh. 5 - Prob. 13RQCh. 5 - Prob. 14RQCh. 5 - Prob. 15RQCh. 5 - Prob. 16RQCh. 5 - What are the 10 areas that make up the component...Ch. 5 - Prob. 18RQCh. 5 - Prob. 19RQCh. 5 - Prob. 20RQCh. 5 - Prob. 1ECh. 5 - Prob. 2ECh. 5 - Prob. 3ECh. 5 - Prob. 5ECh. 5 - Prob. 6ECh. 5 - Prob. 1DQCh. 5 - What are the advantages and disadvantages to...Ch. 5 - Prob. 1EDM
Knowledge Booster
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.Similar questions
- Is there an optimal amount of preventive maintenance? What caution should be exercised before calculating this optimal amount?arrow_forwardSenior management at Health Network allocated funds to support a risk mitigation plan, and have requested that the risk manager and team create a plan in response to the deliverables produced within the earlier phases of the project. The risk mitigation plan should address the identified threats described in the scenario for this project, as well as any new threats that may have been discovered during the risk assessment. You have been assigned to develop this new plan.arrow_forwardNIMS has both strengths and weaknesses when it comes to crisis communication. No, I can't think of one that happened recently where NIMS didn't work the way it was supposed to. This could be because emergency managers don't have a lot of experience or aren't well-trained. It could also be because there aren't any standard operating procedures in place (SOPs).arrow_forward
- In which phase of secSDLC is contingency planning carried out? Multiple answers : A: planning B: analysis C: design D: implementationarrow_forwardWhat are the advantages and disadvantages of the National Incident Management System (NIMS) in terms of crisis communication? Consider a recent occurrence or disaster scenario where NIMS was not adequately implemented. This could be due to emergency managers' lack of knowledge and/or training, or it could be due to any other issue you notice that prohibits someone from following standard operating procedures (SOPs).arrow_forward1. Regarding the following, what do you believe plays the more significant role in the decision to implement a countermeasure that protects a mission-critical resource? Defend your choice with valid rationale. - Cost to implement the countermeasure - Operational impact of the countermeasure on normal operationsarrow_forward
- What are the advantages and disadvantages to preparing the SETA program in-house or in hiring a consulting firm to develop it?arrow_forwardIt is recommended to propose a security awareness campaign. Finished works of art should not be missing any important parts. All of the input should be reflected in the final product. Proposal contents will comprise an executive summary, communication plan, proposal introduction, rules and processes, suggested solutions to security flaws, and plans to continuously monitor the organization for hostile behaviour.arrow_forwardIt is recommended to submit a proposal for a security education program. Artifacts that have been finished and polished are supposed to have every part they need. The input that was used to create it should be reflected in the final product. The proposal will include an executive summary, a communication plan, an introduction, rules and processes, suggested solutions to security flaws, and plans to continuously monitor the organization for hostile behaviour.arrow_forward
- What are the advantages and disadvantages of the National Incident Management System (NIMS) in terms of crisis communication? Consider a recent occurrence or disaster scenario in which NIMS was not effectively utilized. This could be due to a lack of knowledge and/or training on the part of emergency managers, or it could be due to any other issue you notice that prohibits someone from following standard operating procedures (SOPs).arrow_forwardIt is recommended to submit a proposal for a security education program. Artifacts that have been finished and polished are assumed to include all their vital parts. The input that was used to create it should be reflected in the final product. The proposal will comprise an executive summary, communication plan, proposal introduction, rules and processes, suggested solutions to security flaws, and methods to continuously monitor the organization for hostile behaviour.arrow_forwardWhat are some strengths and weaknesses of the National Incident Management System (NIMS) when it comes to crisis communication? Can you think of a recent incident or disaster situation where NIMS was not implemented as it was intended? This can be in regards to experience and/or lack of training by emergency managers or any other issue you see that enables one use standard operating procedures (SOPs).arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning