Approaches to Information Security Implementation

Cards (7)

  • The implementation of information security in an organization must begin somewhere and cannot happen overnight. Securing information assets is in fact an incremental process that required coordination, time, and patience.
  • Security can begin as a grass-roots effort when system administrators attempt to improve the security of their systems. This is referred to as the ______
    Bottom-up approach
  • The key advantage of the _____ is the technical expertise of the individual administrators. They know and understand the threats to their systems and the mechanism needed to protect them successfully
    Bottom-up Approach
  • Unfortunately, this approach seldom works, as it lacks a number of critical features, such as participant support and organizational staying power.
    Bottom-up Approach
  • An alternative approach, which has a higher probability of success, is called the ____. The project is initiated by upper management who issue policy, procedures and processes, dictate the goals and expected outcomes of the project, and determine who is accountable for each of the required actions.
    Top-down Approach
  • The ____ has strong upper management support, a dedicated champion, dedicated funding, clear planning and the opportunity to influence organizational culture.
    Top-down Approach
  • The most successful ____ also involves a formal development strategy referred to as a system development live cycle
    Top-down Approach