What Is The Integrated Approach

923 Words4 Pages

Question One
There are two approaches to information security policies: the parallel approach and the integrated approach.
a) Explain each of them.
Since information security is a set of process, orders, strategies and tools to keep the information from disclosure, fraud, and loss. There are two approaches to implement these strategies,
1- The first approach is parallel: Is appointed a special section for the security of information and does not maintain any tasks only information secure and are not held accountable by management.

2- The second approach is integrated: In this approach provides that everyone is responsible for information protection and security, and all have responsible into the administration, and thus the protection process …show more content…

Employee life cycle is identifying stages in employee life to optimize job management. There are common six stages employee passed it:

1- Recruitment: The stage that come before hiring the employee that include: Employment situation announcement, receive applications, sort the applications by CVs and qualifications then interviews to be employed.
2- On boarding: After the appointment of the employee is given the chosen position, responsibilities and the permissions on the system for this job.
3- Orientation: At this stage, the employee adaptation with the staff and the company's system and be clarified his role in the company.
4- Career planning: According to generally accepted corporate systems is to establish rules to assess the employee performance of the company to get the MLM as career planning for this position
5- Career development: After a period of appointment in the job employee requires to professional development to improve the maturity and the company, such as training or traveling to learn modern techniques.
6- Termination: Remove the employee from his job by the process of regulations and laws, such as retirement or …show more content…

FIPS provide security categories that based on the potential impact on an organization should certain events occur which jeopardize the information and information systems needed by the organization to accomplish its assigned mission, protect its assets, fulfill its legal responsibilities, maintain its day-to-day functions, and protect individuals. Security categories are to be used in conjunction with vulnerability and threat information in assessing the risk to an