The Importance Of Organization Information Security………

To implement an security control inside the organization is very important for the organization to survive and to have some competitive advantage. By having the segregation of duties is very important apart from that who is doing what and the roles and responsibilities of the persons i the organizations is very important so that to classify like what is the role of information security officer in the organization. In compliance with…

Access Control- Limiting access to a system

A.9. Access Control   To begin with “ if  you have no access control means you have no security at all.” Access control is one of the main building blocks of information security. It is to be designed as it is both secure enough and acceptable to users. The purpose of this document is to specify the rules for access to various systems, sensitive information and equipment facilities. Using an…

Keep Calm and have a Business Continuity Management in Place.

Information Security aspects of Business Continuity Management Business continuity is a proactive plan to avoid and mitigate risks which might create a disruption in the delivery of service to your customers or abrupt your operations. Business continuity management outlines the steps should be taken before, during and after an event to maintain the financial viability of an organization. Business continuity management elaborates a framework for identifying organization’s risk of exposure…

Whistle Blowing Using Blockchain the New Concept….

  Whistleblowing: The disclosure by a person, usually an employee in a government agency or private enterprise, to the public or to those inauthority, of mismanagement, corruption, illegality, or some other wrongdoing.Whistleblowers often face reprisals from their employer, who may suffer reputational damage as a result of the whistle being blown, or from colleagues who may have been involved in the illicit activities. In some cases reprisals become so severe that they turn into persecution. In some cases reprisals come from legal channels, particularly if the whistle has been blown for illegitimate reasons.Protection of whistle blowers is an important focus…

An Incident Management is a must in today’s organisation!!

A.16. Information security incident management An incident is defined as any disruption in IT service. Incident management deals with handling incident and ensures to restore IT service soon as possible. The A.16. clause of the ISO 27001 provides appropriate methods to manage any information security incidents that may take due to a series of unforeseen adverse events. It also formulates strategies for improvements in the information security domain. Information security incident management…