This website uses cookies to ensure you have the best experience. Learn more

Security Policy Week 4 Essay

547 words - 3 pages

This document is to describe the Information Security requirements of Online Application Services and Application Service Providers that engage in business with McBride Financial Services. This policy applies to any use of Online Loan Applications (OLA) and any outsourcing to Application Service Providers (ASP) by McBride Financial Services, independent of where hosted.
The Online Loan Application or Application Service Provider's Sponsor must first establish that its project is an appropriate one for the OLA/ASP model, prior to engaging in any additional infrastructure teams within McBride Financial Services or any external Application Service Providers. The department wanting to use an Online Loan Application or any Application Service Providers service must confirm that the Application Service Providers chosen to host the loan applications of McBride Financial Services complies with this ...view middle of the document...

Information that falls under the Most Sensitive category may not be outsourced to an ASP.
If the ASP provides confidential information to McBride Financial Services, the ASP sponsor is responsible for ensuring that any obligations of confidentiality are satisfied. This includes information contained in the ASP's application. McBride Financials legal services should be contacted for further guidance if questions about third-party data arise. Projects that do not meet these criteria may not be deployed to any Application Service Provider.
The Information Security Department has to created this document, to make clear the minimum security requirements for Online Loan Applications. All Online Loan Application and Application Service Provider requests must demonstrate compliance with these Standards in order to be considered for use.
The ASP engagement process includes an Information Security evaluation of security requirements. This policy can be provided to ASPs that are either being considered for use by McBride Financial Services, or have already been selected for use.
The Information Security Department may request that additional security measures be implemented in addition to the measures stated in this document, depending on the nature of the project. The Information Security Department may change the requirements over time, and all ASP's involved are expected to comply with these changes.
Application Service Providers that do not meet these requirements may not be used for any McBride Financial Services projects.
Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment. Application Service Providers found to have violated this policy may be subject to financial penalties, up to and including termination of contract.
Application Service Provider (ASP) - ASPs combine hosted software, hardware and networking technologies to offer a service-based application, as opposed to a McBride Financial Services - owned and operated application.


Other Papers Like Security Policy Week 4

HCS 578 Tutorials / hcs578dotcom Essay

561 words - 3 pages regarding the events in the film affected public policy. Do you think the policy changes were fair and effective? Why or why not? Include a separate reference page. Format your paper consistent with APA guidelines ...................................... HCS 578 Week 4 Learning Team Assignment Patient Self-Determination Act Project (UOP) Write a 700- to 1,050-word paper in which your team: Selects a health care agency’s policy

Lab 5 Assessment Questions & Answers

737 words - 3 pages 1. How does a security awareness & training policy impact an organization’s ability to mitigate risks, threats, and vulnerabilities? Security awareness training is a formal process for educating employees about computer security. A good security awareness program should educate employees about corporate policies and procedures for working with information technology (IT).  Employees should receive information about who to contact if they

Itt 255 Lab 6

3922 words - 16 pages 6. Six domains of the CompTIA Security+ certification Course Objectives 1. Explain the concepts of information systems security as applied to an IT infrastructure. 2. Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure. 3. Explain the role of access controls in implementing a security policy. 4. Explain the role of operations and administration in effective implementation of security policy. 5. Explain the

Is404 Week 1 Lab

1109 words - 5 pages . What is the GPMC? The Group Policy Management Console Week 1 Lab Part 2 – IT Domain Controls Assessment Worksheet Design Infrastructure Access Controls for a Network Diagram Overview Fill in the following matrix with security controls to implement sound access controls throughout the seven domains of a typical IT infrastructure. Specify whether the security control achieves C-I-A and how it enhances security for that domain. IT

Kk Course Title

2390 words - 10 pages Nurses and Other Health Professionals. | | | |Reading |Read Ch. 10 of Policy and Politics for Nurses and Other Health Professionals. | | | |Participation – |Participate in class discussion and activities. |Week 4 |20 | |Individual and Group

Lab 5 Assessment Worksheet

692 words - 3 pages 1. What are other available Password Policy options that could be enforced to improve security? Enforce password history, Maximum password age, Minimum password age, Minimum password length, Password must meet complexity requirements, & Store passwords using reversible encryption. 2. Is using the option to ‘Store passwords using reversible encryption’ a good security practice? Why or why not? As it stores passwords without encrypting

Weaknesses Assignment Phase Ii- Security Assessment And Recommendations

1723 words - 7 pages Running head: Security Assessment and Recommendations Week 6: Weaknesses Assignment Phase II- Security Assessment and Recommendations SE571 Principles of Information Security and Privacy Introduction Aircraft Solutions (AS) is a renowned equipment and component fabrication company with the capability to provide full range designs and implantation solutions to different sectors such as defense, aerospace, commercial and electronics

Bus 681 Entire Course

369 words - 2 pages DQ 2 Job Analysis.doc BUS 681 Week 3 Market Competitiveness.doc BUS 681 Week 4 DQ 1 Benefits.doc BUS 681 Week 4 DQ 2 Employer-sponsored Retirement Plans.doc BUS 681 Week 4 Social Security Programs.doc BUS 681 Week 5 Compensation Philosophy.doc BUS 681 Week 5 DQ 1 Executive vs. Non-executive Pay.doc BUS 681 Week 5 DQ 2 Contingent Workers.doc BUS 681 Week 6 DQ 1 Expatriate Pay.doc BUS 681 Week 6 DQ 2

Assignment 4: Internet Technology, Marketing, and Security

1305 words - 6 pages Assignment 4: Internet Technology, Marketing, and Security Bus 508 – Contemporary Business Abstract Modern business depends on complex electronic information systems that require computer and internet capability to keep that information flowing. There is a problem when someone outside of that business relationship between the business and the consumer interferes, or hacks, that information flow. An entire industry has been

Hcs 440 Week 1 Individual Economic Terms And Health Care History

358 words - 2 pages This document MGT 350 Week 2 Learning Team Case Analysis Project Plan Critical Thinking Strategies in Decision Making contains a solution on following task: "Decisions in Paradise Case Analysis Project Plan. Submit the following: 1) Summary of Case 2) Company selected 3) Action Plan, e.g. who and how will this paper be researched and written. UMUC CMIT 425 Security Policy Project Using the GDI Case Study, complete the Security Policy

Beth A Grillo - It540 Management Of Information Security - Assignment - Unit 2

297 words - 2 pages Unit 2 Assignment: Security Policy Implementation Beth A. Grillo, MHA, CPC-A July 19th, 2016 IT540-01: Management of Information Security Dr. Kenneth Flick Kaplan University Table of Contents Unit Two Assignment: Security Policy Implementation 3 Part 1: Step 29 3 Part 1: Step 36 3 Part 3: Step 33 4 Part 3: Significance of Strict Password Policy 5 Reference 6 Unit Two Assignment: Security Policy Implementation Part 1

Related Essays

Global Security Policy Week 5 Cmgt 400

969 words - 4 pages Global Security Policy CMGT-400 Monday, May 11, 2015 Vijay Bhaskar Jonnalagadda Global Security Policy Organizations with offices in multiple countries have to strategically implement personnel, logistics, network configurations, and inventory; but they also have to create a security plan to secure these assets to keep their customer, brand integrity, and profits. Some of the issues faced while maintaining security for a company in

Unit 4 Assignment 1: Enhance An Existing It Security Policy Framework

698 words - 3 pages Quintin Damare’ 1/23/15 Unit 4 Assignment 1: Enhance an Existing IT Security Policy Framework 1. Purpose The purpose of this policy is to define standards for connecting to Richman Investment's network from any host. These standards are designed to minimize the potential exposure to Richman Investment from damages which may result from unauthorized use of Richman’s Investment resources. Damages include the loss of sensitive or company

Course Discription Essay

968 words - 4 pages : Wiley. Article References Barr, J. G. (2012). Business continuity for web sites. Faulkner Information Services, 1-9. Barr, J. G. (2012). Identity management market trends. Faulkner Information Services, 1-10. Barr, J. G. (2013). Common criteria overview. Faulkner Information Services, 1-10. Barr, J. G. (2013). Biometrics market trends. Faulkner Information Services, 1-7. Week One: IT Security Overview Details Due Points

Is4550 Week 5 Lab Essay

1642 words - 7 pages ------------------------------------------------- Week 5 Laboratory: Part 1 Part 1: Assess and Audit an Existing IT Security Policy Framework Definition Learning Objectives and Outcomes Upon completing this lab, students will be able to complete the following tasks: * Identify risks, threats, and vulnerabilities in the 7 domains of a typical IT infrastructure * Review existing IT security policies as part of a policy framework