Principles of Information Security Essay Example | Topics and Well Written Essays - 2500 words

Principles of Information Security - Essay ExampleRisk treatment is the proportionate provision of controls. It give nonice mitigate or eliminate risks of the organizations operations according to suitable options. The main stopping point of risk treatment is to reduce risk to an acceptable level in a cost-effective manner. plot treating risk we have to take care of few things such as selected controls, regulations, legislation, organizational policy, user acceptation and safety and reliability.The risk can be addressed by four ways. They are avoided, transfer, limit and accept. ward off means eliminating the cause of the risk. Transfer refers to insurance or outsourcing some function from other organizations. Limit meant for cut down the likelihood or consequences of an event. The last way is to accept that means one understands the risk and there is not any cost-effective solution that can be used so it is better to live with that. formerly one has Risk Registers tables one can check from there which threat is most affecting the assessment Office performance. Depending upon the risk various types of controls can be selected.Security program plan is made when every the controls are identified. Insecurity plan one addresses a group of controls as compared to individual controls. It is not needful that whatever suggestion one has included in the plan is going to be implemented by the management. But each can be considered for that. The various controls that are identified are Identity Card, patronage procedures, Training/Awareness, Strictly Comply ITS Security policies, Physical Protection of Server (CPU), and Proper Rechecking etc.