What measures should be taken in the initial design of a security plan to ensure personal security within an organization? What are the three lines of physical defense that organizations need to consider? What is the significance of concentric layers of security? How does this apply to the security of the organization? Why is it important to understand security as a process? How do these apply to the overall security strategy of an organizational security plan?
What is the purpose of including information systems security as part of an organizational security plan? What actions need to be taken to ensure that proper security measures are included in the design of the security plan as it applies to information systems? What budgetary considerations need to be taken into account? What recommendations would you make to combat the risks and threats presented by information system and network breaches as it applies to an organization's security plan? Explain.
DQ1: What measures should be taken in the initial design of a security plan to ensure personal security within an organization? Persons need security to operate in a safe environment. This includes freedom from unauthorized access, primarily, and also freedom from hazards in the workplace, some that may even be inherent in the performance of the job itself. Hazardous jobs require an extra measure of security that many other jobs or companies do not require. The value of the goods, services, materials or supplies the company produces may also affect security risks. Diamond merchants, for example, come in for a greater security risk due to the value of their products than would sellers of ice cream. Also, prisons face greater security risks for employees than pet shops. These factors, and others, influence the assessment of risks, and strategies to minimize or eliminate those risks. Some strategies may involve clothing for personal safety: face masks, hearing shields, splash guards to protect eyes and skin from chemicals, as well as physical barriers that prevent escape of materials or contamination from materials. These risks vary according to the specifics of the occupations or companies.
What are the three lines of physical defense that organizations need to consider? The correct answer to this question depends upon which authority you consult, and the specific defense situation: a computer system's defense will be different from the defense of a missle base, for example. According to one source, Information Technology, People, Operations is the correct answer, another source says the three lines of defense are day to day operations of the business, the continual monitoring of the business and the periodic checking of risk and compliance. Another source discussed perimeter defense, outside building defense, and inside building defense. There are, of course, other sources than these three: search three lines of physical defense for other expert ...
Discussion of answers to security questions dealing with organizational security and preparedness