Wig1 Information Security Plan

1390 Words6 Pages

Information Security Plan
Introduction
Purpose
Information is critical to WigIT’s functionality and needs to safeguarded. This protection must be uniform, consistent and cost effective due to information existing in many forms. Information can be on paper, electronic, and verbal. Information Security is the practice of preventing unauthorized access, use, disclosure, destruction, modification, or disruption and ensuring that the security of all information from threats. (Information Security Resources, 2017) This plan intends to establish how WigIT will achieve information protection from information threats so that it can guarantee business continuity. WigIT’s information security program will be achieved by implementing controls, including …show more content…

It provides guidance on the importance of confidentiality, integrity and availability of information, regardless of how the information is communicated or held. WigIT’s developed risk management strategies will be implemented immediately and personnel will assist in identifying all threats and vulnerabilities. The WigIT information security incident response plan ensures compliance with all applicable laws, regulations and policies. Finally, because information security is vital to safeguard security awareness and training programs will be established immediately and will be completed annually.
WigIT is responsible for mitigating and protecting the confidentiality, integrity and availability of all information. The unauthorized use, modification, deletion, or disclosure of information may compromise the integrity of WigIT and violate individual privacy rights. It is the responsibility of all information owners to ensure confidentiality of personally identifiable information (PII), integrity and availability of data held by WigIT to include IT facilities, software, ubiquitous devices and equipment owned or leased by the WigIT …show more content…

Information owners are responsible for classifying, maintaining controls, authorizing access, monitoring compliance with WigIT security policies and standards, managing risk, and protection of the information at WigIT.
Security Program
WigITs and its employees are responsible for complying with the provisions of security policies, standards, and security initiatives that will be enforced with the same standards. WigIT’s incident response team will handle all information security incidents. The security program is responsible for information classification, control approvals and access privileges, periodic reclassification, and risk reviews. Information security is vital to business continuity and the objective avoiding or mitigating risk.
Risk Management
This process identifies, assesses, and takes steps to reduce risk to an acceptable level. Risk management is critical for WigIT to successfully implement and maintain a secure