All right. Bye, Learners. We are on less than 5.3. Um, information security management.
Okay. Are you ready? I'm sure you already. We talked about security right now.
All right. So the learning objectives in this video, we will cover the purpose and objective of information security management, which is I s m the scope of ice. Um, within this business structure as well as what is information, security policy, The i S P and what does it covers? Okay,
so we go into the information security, management, the purpose. So the purpose of this is to align I t security with business security And to ensure that the confidentiality integrity, as well as the availability off the organization assets, information data
in I t services always match the greed needs of the business.
I know. We all know within the security field the the C I A. Which is the confidentiality, integrity and availability. So this should be for until you on this one. Okay.
So some of the objectives of information security management So, in a nutshell, So information is observed is observed by or disclosed to only those who have the right to know which is confidentiality,
and then you have information is complete, accurate and protected against unauthorized modification.
And that's the integrity portion of it. And then you have information that is available that is usable when required. And the systems that provided can appropriately resist attacks as well as recover from or prevent failures. And that's the availability of those particular services.
And then, of course, you have, like, business transactions, right, whereas
information exchange between enterprises or within partners. And that could be a za trusted Asian type of thing. The authenticity, uh, being authentic with those particular ones. Okay,
so then we go into the scope, right? So the scope according to I tell the scope of the information security management process, includes
the focal point of all I t security. All I t security issues the obligations and responsibilities with regard to security, which is contained within all the S Ella's. Within that business requirement, then you have the best security policies and plans.
You have the security obligations within the S. L. A is right.
The legislative and the regulatory requirements. All these are the scopes within the information security management.
All right, so then we go into the information security policy. Now, the I S P is more on the use and the misuse of I t asset policies. Right? Um, you have the email policies that's in place. You have that Internet policy that's in place,
the information classifications, policies as well as the password control policies
and the access control policies. So you understanding where those particular policies come and play? Because I understand. I know that from the standpoint, where you at now, in the corporate environment or wherever you work at, they have these particular processes and policies in place for the betterment of the organization. Okay,
so I know this is familiar to you as well.
so then we go as just to continue. So the remote access policies and you have the policies with regard to the supplier access to the I t service information and components. So those are different layers in the disposal off specific assets, the correct disposal,
the records retention and the copyright infringement
policies of electronic material. So these are important concepts of the information security policies. Okay.
Alright. So in summary so less than 5.3 the information security management. It wasn't as in deaf, right? So it's on the foundational level. You get the purpose of the information security, management, the scope information, the scope of the information security management as well as the I S P concepts. Okay,
we'll follow on with our lesson quiz and then on to the next lesson I see there.