ISMS plan for IT security of Healthy Body wellness Center
An Information Security Management System (ISMS) represents a
systematic approach for designing, implementing, maintaining, and
auditing an organization’s information system security objectives. As
with any process, if an ISMS is not continually monitored, its
effectiveness will tend to deteriorate.
For this task you will be using the attached “Healthy Body Wellness Center Risk Assessment” case study. In this task, you will be writing a 1–2 page white paper outlining the scope of an ISMS plan for the Healthy Body Wellness Center and an evaluation of the previously conducted risk assessment.
The first step in initiating an ISMS is to form a committee of upper level management that would set the tone for the ISMS. Assume you are part of that team. Initiating an ISMS involves developing a plan that includes the scope of the ISMS and identifying and assessing risk. The risk assessment for the Health Body Wellness Center has already been conducted. Your task is to define the ISMS scope for the Healthy Body Wellness Center and make recommendations for implementing the resulting ISMS plan.
Task:
A. Outline the scope (suggested length of 1–2 pages) for the ISMS plan being developed in the case study by including the following:
1. Information about the business objectives for the organization
2. A description of the guiding security principles of the organization
3. A justification of the processes that should be included in the scope
4. A justification of the information systems that should be included in the scope
5. A description of the IT infrastructure that includes a description of information flow
B. Recommend additional steps that the organization would need to take to implement the ISMS plan.
1. Discuss what each recommended step entails.
2. Justify each recommended step.
For this task you will be using the attached “Healthy Body Wellness Center Risk Assessment” case study. In this task, you will be writing a 1–2 page white paper outlining the scope of an ISMS plan for the Healthy Body Wellness Center and an evaluation of the previously conducted risk assessment.
The first step in initiating an ISMS is to form a committee of upper level management that would set the tone for the ISMS. Assume you are part of that team. Initiating an ISMS involves developing a plan that includes the scope of the ISMS and identifying and assessing risk. The risk assessment for the Health Body Wellness Center has already been conducted. Your task is to define the ISMS scope for the Healthy Body Wellness Center and make recommendations for implementing the resulting ISMS plan.
Task:
A. Outline the scope (suggested length of 1–2 pages) for the ISMS plan being developed in the case study by including the following:
1. Information about the business objectives for the organization
2. A description of the guiding security principles of the organization
3. A justification of the processes that should be included in the scope
4. A justification of the information systems that should be included in the scope
5. A description of the IT infrastructure that includes a description of information flow
B. Recommend additional steps that the organization would need to take to implement the ISMS plan.
1. Discuss what each recommended step entails.
2. Justify each recommended step.
posted by simon jones @ 02:55
0 Comments
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home