Information Security Policy Essay

1375 Words6 Pages
Information Security Policy Name Omitted School Omitted IT244 Intro to IT Security Instructor Name Omitted August 9, 2009 Executive Summary A powerful security position is upheld by defining data ownership responsibilities, employing security controls, and maintaining the security infrastructure. This policy outlines requirements that aid management in creating a framework that defines a secure environment. “This framework provides the overarching structure for safeguarding Information Technology (IT) Resources, achieving confidentiality, integrity and availability of the data and IT Resources used to manage the services provided by Commonwealth agencies, authorities, and business partners” (MASS.Gov, 2009). It is the responsibility of The Bloom Design Group management to have controls in place and operating that provide reasonable assurance that security objectives are addressed.  The Bloom Design Group has the responsibility to employ due diligence in the adoption of this framework.  The Bloom Group “must achieve compliance with the overall information security goals of the Commonwealth including compliance with laws, regulations, policies and standards to which their technology resources and data, including but not limited to personal information, are subject” (MASS.Gov, 2009). Introduction The Bloom Design Group provides services worldwide as a professional interior design consulting firm. Based in New York City, with a second office in Los Angeles, the Bloom Design Group offers services to both individuals and businesses. Part of Bloom’s allure is the full-featured web site that offers custom levels of access based on the user’s role, client or employee. Because web site functionality will vary based on the user’s role, user permissions must be defined. These permissions will
Open Document