Scribd
Upload
72 views2 pages

Asset Security

Hilda Jacobs is the General Manager of IT Security at Nutri Worldwide Inc. She is concerned about privacy issues with the large amount of customer data collected and stored. To address this, she decides to implement a data management process. The first step is to establish processes to verify and validate the accuracy of the data. Hilda is also responsible for selecting data security controls. She chooses controls based on requirements for data at rest and in transit. To do this properly, she should refer to the ISO/IEC 27001 standard for implementing an Information Security Management System.

Uploaded by

ace
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
72 views2 pages

Asset Security

Hilda Jacobs is the General Manager of IT Security at Nutri Worldwide Inc. She is concerned about privacy issues with the large amount of customer data collected and stored. To address this, she decides to implement a data management process. The first step is to establish processes to verify and validate the accuracy of the data. Hilda is also responsible for selecting data security controls. She chooses controls based on requirements for data at rest and in transit. To do this properly, she should refer to the ISO/IEC 27001 standard for implementing an Information Security Management System.

Uploaded by

ace
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Case Analysis:

Answer the following:

1. Network Firewalls division has a lot of information that is created and maintained. However,

Kevin, a Security Administrator at Nutri Worldwide Inc., recognizes that not all the information

is critical, and would like to do a high-level classification of the information accessible to him.

Question: What are the different information classification levels Kevin has to use?

Answer:

Government or Military Sector Classification - The Government or Military sector classification is


described in this section.

Commercial or Private Sector Classification - We will discuss commercial or private sector classification
in this section.

2. With the rapid expansion in the collection and storage of digitized personal information of

customers at Nutri Worldwide Inc., the issue of privacy has gained significance.

As the General Manager of IT security, Hilda Jacobs is concerned as there are very stringent

legal and regulatory requirements for the protection of privacy and data. She decides to

implement a data management process in the organization.

Question: What is the first step Hilda must undertake to kick-start the data management

process at Nutri World Inc.?

Answer:

Establish processes for verifying and validating the accuracy and integrity of the data

3. Hilda Jacobs, General Manager – IT Security at Nutri Worldwide Inc., was given the

responsibility of selecting appropriate data security controls as part of asset security.

Hilda selected the controls according to the organization's different requirements for the data

at rest and data in transit based on the existing risk. She also created a best practices

document by referring to available standards for data security.

Question: For implementing Information Security Management System, Hilda Jacobs should

refer to which standard?

You might also like