IT 253

rtf

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

253

Subject

Information Systems

Date

Feb 20, 2024

Type

rtf

Pages

2

Uploaded by BrigadierFlowerFrog35

Report
John Johnson IT-253 Professor Bryant 7/14/2023 3-2 Activity: Information Security Policy Review The Federal Information Security Modernization Act, the Privacy Act, and other laws and regulations serve as the foundation for the EPA's information security policy. These laws give the EPA the power to impose the policy across the board of the entire corporation The policy's description of IT roles and duties contributes to the EPA's safety record. The roles are clearly defined and vary from the CIO and EPA Administrator to specific users and staff members. This role breakdown makes it very clear who is in charge of what aspects of the overall security posture. This guarantees that security is a priority at every level of the organization, regardless of the EPA's size. The EPA's information security policy is a thorough document that follows closely to the organization's legal duties. The policy guarantees that security is a priority at every level of the company and offers clear direction on roles and responsibilities. All EPA workers and anybody with access to their systems should read this text. Everyone must be aware of the security precautions put in place at all EPA locations. The document also clearly outlines who should be made aware of security vulnerabilities and how those issues should be handled. An enforcement section is one thing that could be included in the document. This would
spell out the consequences for breaking the rules, which would encourage users to take the issue seriously. Additionally, it could help in avoiding any potential problems with bias or uneven or unequal enforcement. A service or review period could be introduced as an additional aspect. Users would be able to know when changes might be made thanks to this documentation of when the policy's subsequent review is necessary. The document provides a thorough summary of the EPA's information security policy as a whole. It is understandable, simple, and clear. The document would be much more useful if it included sections on enforcement and maintenance or review.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

_CH05_MakrisJohn.docx
Wk4 Findings Assignment.pdf
ISSC456_Lab1_Ocasio_Miguel.doc
ISSC456_Lab4_Ocasio_Miguel.doc
Wk3 Findings Assignment.pdf
HU140 Unit 3 Assignment Final complete.docx
DQ6 .docx
Short Answer Q1.docx
Week 1 Problem Set 1.docx
Case 5.3 Air Canada Flying high with Information Technology C.docx
Farhan_Mohd_IST_110_Lab_Common_Tech_Vulnerabilities_rev3.docx
Topic 6 DQ 2.docx