18. Information Security

1.     DEFINITION 2.     THREATS TO INFORMATION SECURITY 3.     OBJECTIVES OF INFORMATION SECURITY	4.     WHY          – Requirement of information security 5.     WHAT  – Information type for which security is required 6.     HOW – To protect information
7.     PRINCIPLES OF INFORMATION SECURITY: 7.1  Create: 7.1.1    Accountability 7.1.2    Awareness 7.1.3    Reassessment 7.2  Save: 7.2.1    Cost 7.2.2    Time 7.3  Conserve: 7.3.1    Multidisciplinary 7.3.2    Integration 7.3.3    Societal Factors	8.     TYPES OF PROTECTION: 8.1  Preventative: 8.1.1   Definition 8.1.2   Types: A)   Physical B)   Ethereal or nonphysical C)   Administrative 8.2  Restorative: 8.2.1    Definition 8.2.2    Questionnaire for restorative protection 8.3  Holistic: 8.3.1    Definition 8.3.2    Use
9.     IMPLEMENTATION: 9.1  Security policies: 9.1.1    Defining 9.1.2    Development 9.1.3    Assigning 9.2  Security system: 9.2.1    Designing 9.2.2    Implementation 9.2.3    Monitoring: A)    Benefits B)    Process 9.2.4    Awareness and Training: A)    Methods B)    Expectations 10.   EXAMPLE – Security  policy statement example : 10.1  Information related 10.2  Security related 10.3  Responsibility related 11.   ROLE OF A SECURITY ADMINISTRATOR 12.  TECHNICAL TERMS DEFINED: 12.1   Cyberspace 12.2   Information system auditors 12.3   Data Integrity