ISO 17799 Standards Assignment Help


ISO 17799 Standards:

The British Standards Institute introduced a standard for information security management called ISO 17799 in 2001. According to this standard, the goal of information security is to suitably protect information in order to ensure business continuity, minimize business damage, and maximize returns on investments.

Controls can minimize errors, fraud, and destruction in internetworked information systems. Such controls also provide quality assurance for information systems. ISO 17799 provides ten such controls, which are listed and explained here:

Security Policy Control

Security policy control is one of the most important controls. This control addresses the top management's support and commitment toward information security and its protection. It also encompasses the policy level initiatives that the top management takes and implements so as to achieve the goals of information security.

Asset Classification and Control

This control covers classifying assets based on their business impact, as well as handling, labeling, and maintaining an inventory of them. It is aimed at protecting the assets of the organization. It includes a set of mechanisms and standards that describe the process of maintaining an inventory of assets. Such standards describe the processes of branding, transferring, and disposing of the assets based on their classifications.

Personnel Security Control

Personnel security control is designed to control the inherent human risks involved in human interactions with the information systems. This control enables personnel screening to authenticate their access to informational assets and informs personnel about their security responsibilities, such as information security codes of conduct and non-disclosure agreements. It also specifies the terms and conditions of employment, training, and recourse.

Physical and Environmental Security

This control addresses the risks inherent to the organizational premises, which include the location of the business, defining physical security premises, access control into the premises, and tracking of asset movement (transfer) within the premises and between the premises and the environment.

Communications and Operations Management Control

Performing secure operations over different networks is also essential to maintain a secure information system. This control oversees such operations. It includes various controls and procedures (operational, capacity planning, network management, housekeeping, etc.) that allow the organization to carry out secure operations and protect its information system.

Access Control

Access to informational assets varies with different layers in management. Access control to key informational assets mandates high control over the assets. It oversees the access to these assets based on business requirements and security requirements.

System Development and Maintenance Control

System development and maintenance control addresses the ability of an organization to ensure that suitable information system security controls are incorporated as well as maintained. This control includes a set of standards and procedures that govern the development and use of security controls in an organization.

Business Continuity Management Control

Unsolicited interruptions in normal business functioning are common and the management has to find ways to reduce and eliminate such instances. This control oversees the management's ability to battle such interruptions and bring normalcy back in the operations.

Compliance Control

Compliance in this context is the organization's ability to adhere to the regulatory, statutory, legal, and other contractual obligations from the business environment. Compliance control addresses such issues of the organization's adherence.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd