Big Chemical Encyclopedia

Chemical substances, components, reactions, process design ...

Articles Figures Tables About

Information assets

Align security measures for the computer system with your corporation s Information Asset Protection Policies (lAPP) and coordinate with the building and/or plant security plans. For some systems, strict compliance with specific security requirements mentioned in the lAPP may not be possible given proprietary system limitations. Examples may include unique user identification codes, specified lengths for user identification codes and passwords, or inactivity time-outs. Use a deviation change process to document and justify these situations. [Pg.633]

Assess the risk involved when implementing any security scheme. Identify system entry points and sensitive or confidential information assets. Risks include threats from intentional acts as well as from unintentional and accidental threats. An overly elaborate scheme may be ineffective since it may discourage use or encourage circumvention of the system. [Pg.633]

Paper-based Familiar Durable Transparent security model Costly Inefficient searches Space consumption Inhibits leveraging of information assets Environmental impact Emphasis on separate repository function Audit management overhead... [Pg.2563]

Consider visitor access to a company facility. This example has a goal for protecting physical assets, information assets, human capital assets. [Pg.421]

Smallwood RF (2012) Safeguarding critical e-documents implementing a program for securing confidential information assets. Wiley, Hoboken... [Pg.550]

A list of information assets wifli safety eategories was eompiled some time ago, but not maintained. This has been used as an input to the aetivity. More recently. [Pg.134]

The educator must not only identify the information but also place a value on it. An educator should calculate the value of each information asset. This would require a qualitative or quantitative analysis of educational information to determine what that the information is worth to the school. Questions such as How we can meet the primary mission of this educational enterprise in the absence of this information and What legal ramifications exist if we do not safely maintain this information artifact should be considered. [Pg.77]

A threat assessment should look at each information asset and then determine its liabilities. Threats can include both accidental and malicious acts originating from inside or outside the school. The threat assessment dictates that each situation of concern be viewed and assessed individually. Application of the assessment is guided by... [Pg.77]

The third step is to conduct a vulnerability assessment of school information. A vulnerability assessment should calculate the probability that a threat to information assets could occur. The vulnerability assessment could be based on quantitative or qualitative evaluation of threats to information. The resulting data should provide an idea of the likelihood that a loss of confidentiality, integrity, or access may occur so that measures of information safety could be implanented (National Center for Education Statistics, n.d.). [Pg.79]

The data from an accurate risk assessment of information value, threats, and vulnerabilities will provide the educator the ability to identify, select, and implement appropriate security measures. This does not require that the educator be an expert in safeguarding information, but it does assume that the educator has knowledge of information and knows when to provide a proportional response, even if that requires acquiring expert assistance in completing the task. The educator should understand productivity, cost effectiveness, and value of the informational asset and its threats and vulnerabilities and subsequently how to go about protecting it (Elky, 2006). [Pg.80]

Figure 1. Information, asset specificity, and choice of governance form. Figure 1. Information, asset specificity, and choice of governance form.
An information risk assessment is a variation of a more traditional risk assessment, which focuses on identifying assets and looking at the threats and vulnerabilities of each asset to potential loss. In conducting an information risk assessment, the first step is to identify information assets and estimate their value to the organization. [Pg.70]

Identifying information assets requires investigation and asking questions such as What type of information does the organization maintain What is its value to the organization and Where is the information stored, whether digitally or in hard copies ... [Pg.70]

For example, for each informational asset, give it a value from low to high. Then, for each threat vulnerability to the information, give it a value from low to high. The intercept of these characteristics should provide the data to make a decision regarding how the informational asset should be protected from that threat. [Pg.72]

Identify valid sources of information. Information assets are intangible information and any tangible form of its representation, including drawings, memos, e-mail, computer files, and databases. [Pg.87]

See other pages where Information assets is mentioned: [Pg.755]    [Pg.977]    [Pg.2552]    [Pg.2563]    [Pg.658]    [Pg.831]    [Pg.404]    [Pg.193]    [Pg.420]    [Pg.422]    [Pg.135]    [Pg.77]    [Pg.79]    [Pg.96]    [Pg.146]    [Pg.73]    [Pg.180]    [Pg.252]   
See also in sourсe #XX -- [ Pg.193 , Pg.194 ]



SEARCH



Assets

© 2024 chempedia.info