Authorization and Accreditation Term Paper

Open, View, and/or
Download this Document

Total Length: 970 words ( 3 double-spaced pages)

Total Sources: 3

Page 1 of 3

Authorization and Accreditation

The organization's risk management framework offers a structured information and process to help the company identify, assess, and take steps to reduce risks to a reasonable level. The E-Government Act requires organizations to protect their information technology and information systems that support their assets and operations (Jain & Zhang, 2012). This paper looks at how the organization will plan, implement, and manage its risk management steps. The risk management steps under the Risk Management Framework include the six steps as summarized in the following diagram.

Risk Management Steps

Approach to Implementation

To implement the first step, the organization will need to categorize the information systems, as well as the information being stored, processed, and transmitted by the system. This will be based on the possible effect to the company in case events take place to put the information and the system at risk. The organization will assign a security effect value (high, low, or moderate) for the security goals of integrity, availability or confidentiality (Bowden & Martin, 2011). This will relate to the information systems and information the company requires for achieving its mission, fulfilling its legal responsibilities, maintaining its daily functions, and protecting its individuals and assets.

The categorization of security standards for information systems and information will provide a common understanding and framework for documenting the possible effect to individuals or organizations. This is done in case of a security breach to information system or information.

Stuck Writing Your "Authorization and Accreditation" Term Paper?

View All Our Example Authorization and Accreditation Term Paper

Have A Custom Example Essay Written

The organization's information system and information will help the company identify the security category of its information system. The process of categorization will likewise promote consistent reporting and effective management of information systems (Jain & Zhang, 2012).

In implementing the second step, the organization will identify an appropriate class of security controls for its information system after it has already determined its security categorizations. The E-Government Act specifies that companies meet the minimum requirements of security by choosing an appropriately tailored class of baseline security controls. This will be based on assessing risks and local conditions such as the company's security requirements, cost benefit analysis, threat information, and special circumstances. In a move to overcome minimum security requirements, the company will select appropriate security controls (Jain & Zhang, 2012). This will help the company protect its information systems according to its business requirements and mission. It will determine an initial set of security controls based on the effect analysis conducted previously. The company will supplement and tailor the selection of baseline security controls. This will be based on the company's assessment of risks.

Security controls must be implemented within the information system. The organization will configure security checklists and present information about its benefits. Further, the management will give information on how to use the checklist and locate and retrieve checklists. Security setting checklists will be useful devices, which will be developed to guide the IT department and security personnel in.....

Show More ⇣

     Open the full completed essay and source list


OR

     Order a one-of-a-kind custom essay on this topic


sample essay writing service

Cite This Resource:

Latest APA Format (6th edition)

Copy Reference
"Authorization And Accreditation" (2013, October 25) Retrieved May 2, 2024, from
https://www.aceyourpaper.com/essays/authorization-accreditation-125531

Latest MLA Format (8th edition)

Copy Reference
"Authorization And Accreditation" 25 October 2013. Web.2 May. 2024. <
https://www.aceyourpaper.com/essays/authorization-accreditation-125531>

Latest Chicago Format (16th edition)

Copy Reference
"Authorization And Accreditation", 25 October 2013, Accessed.2 May. 2024,
https://www.aceyourpaper.com/essays/authorization-accreditation-125531
   

Open, View, and/or
Download this Document
order custom essay example