Information Security Audit And Assurance Essay Example | Topics and Well Written Essays - 3250 words

Information Security Audit And Assurance - Essay Example Data is stored in a database that makes access, retrieval and manipulation easy and more secure (Chrisopher, 2012). The Department of information technology in the organization oversees the security of the information system and hardware that is used in running all the activities in the organization. Computer and information security entails the safeguarding of computer resources, limiting access to authorized users, ensuring data integrity, maintaining data confidentiality and enhancing accountability in the organization (Chrisopher, 2012). The effective security will therefore involve taking security measures to ensure hardware and media are not stolen or damaged. Developing back –up strategies to minimize loss of data and information, encryption of sensitive data files and appropriate user identification (Ruskwig, 2012). Audit checklist: INFORMATION SECURITY SYSTEM AUDIT AND ASSUARANCE CHECKLIST Personnel/ Human resources Check item Answer Responsibility Who has the respons ibility for ensuring system security? employee Do employees and other users of the system have the knowledge and training on how to handle security threats? Training Do the personnel and staff member with any responsibility of system security have adequate training and do they receive training to support their roles? Computer security policy Is there a documented security policy that is fully supported by the senior management , with associated operating systems Non – disclosure Agreements Is there confidentiality agreements to sensitive employee data and information and its disclosure to third parties Process Audit Are the installed systems in the company including security systems and firewalls installed in the company audited on a regular basis? Software patches Do mechanisms exist that are used to deploy software patches at the security systems in the company in a timely and audited manner? Data protection Are employee and company data well secured in the database? And co mply with the legislative frameworks such as data privacy Act. Authentication Are there reliable and effective authentication mechanisms in the organization? Technology External network security Are there security measures such as intrusion detectors, firewalls that are used to protect against external computer access such as internet. Are these safety measures authorized by the senior management. Content monitoring Is there proper monitoring of the content of emails, and internet to prevent virus infection, internet fraud, SPAM and also litigation from the improper use and improper content. Anti virus Is there an installed antivirus and is it up to date, are all users trained and educated on how to identify and avoid suspected files to avoid virus and malware infection. Physical security Are critical IT systems, equipment and servers, stored in a secure and protected area free from unauthorized access? Security policy. Policy statement: The department of information technology in t he organization is vested with the responsibility to provide the substantial data security and confidentiality of all the resources, data and information that are held in the organization which include local storage media, or remotely placed in order to ensure the continuous availability resources and data to the authorized users in the organization and also to provide integrity of these data and configuration controls (Ruskwig, 2012). Security policies: a) The data

What is political legitimacy Essay Example | Topics and Well Written Essays - 1250 words

What is political legitimacy - Essay Example John Locke’s view of political legitimacy emphasizes the necessity of respect for human rights and transfer of authority based on consent for effective public administration. Plato was philosopher and a mathematician during the Classical Greece. He was also an influential figure in the philosophy of the West. Plato, in The Republic, declared that an ideal society ought to be run by a council of philosopher-kings (Plato & Cornford 22). Plato recommended that philosophers needed to do a thorough learning of the world prior to making their way into leadership at the age of fifty. According to Plato, the best form of political legitimacy constitutes the moral reordering of the whole society. Plato, thus, implied that moral societies are dedicated to returning to the best ways of doing things in order to be the best version through which the society can be idealistic and achieve perfect governance. Locke proposes that after the establishment of a social contract, the first act of the government is creating different branches of the government. Lock suggested that the optimum number of government branches should be three as this could ensure maximum peace and protection (Rawls & Freeman 53). When people are assured of their protection, there are high chances of increased productivity because there is no fear of security threats. Peace in a country is the primary determinant of security and protection; therefore, the government should strive to use its machinery to ensure prevalence of peace and tranquility in the states. The Republic by Plato is actually an investigation at the harmonic justice that should be afforded to human beings and the balance required to establish the moral health of the soul. Plato believed that search for political legitimacy is not streamlined since it constitutes a journey within using the models of ideal state,