Introduction to Information Security


Approaches to Information Security Implementation: Bottom-Up Approach



Download 1,39 Mb.
bet3/44
Sana01.04.2022
Hajmi1,39 Mb.
#522548
1   2   3   4   5   6   7   8   9   ...   44
Bog'liq
CSS

Approaches to Information Security Implementation: Bottom-Up Approach

  • Grassroots effort: systems administrators attempt to improve security of their systems
  • Key advantage: technical expertise of individual administrators
  • Seldom works, as it lacks a number of critical features:
    • Participant support
    • Organizational staying power

Approaches to Information Security Implementation: Top-Down Approach

  • Initiated by upper management
    • Issue policy, procedures and processes
    • Dictate goals and expected outcomes of project
    • Determine accountability for each required action
  • The most successful also involve formal development strategy referred to as systems development life cycle

The Systems Development Life Cycle

  • Systems development life cycle (SDLC) is methodology and design for implementation of information security within an organization
  • Methodology is formal approach to problem-solving based on structured sequence of procedures
  • Using a methodology
    • ensures a rigorous process
    • avoids missing steps
  • Goal is creating a comprehensive security posture/program
  • Traditional SDLC consists of six general phases

Investigation

  • What problem is the system being developed to solve?
  • Objectives, constraints and scope of project are specified
  • Preliminary cost-benefit analysis is developed
  • At the end, feasibility analysis is performed to assesses economic, technical, and behavioral feasibilities of the process

Analysis

  • Consists of assessments of the organization, status of current systems, and capability to support proposed systems
  • Analysts determine what new system is expected to do and how it will interact with existing systems
  • Ends with documentation of findings and update of feasibility analysis

Download 1,39 Mb.

Do'stlaringiz bilan baham:
1   2   3   4   5   6   7   8   9   ...   44




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling

kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha


yuklab olish