TOPIC 4.0 Information Security Governance Principles

To manage employee attendance

To protect information assets

To monitor social media usage

To control internet access

Password

Biometrics

Security token

PIN

Public, Confidential, Highly Sensitive

Physical, Logical, Abstract

High, Medium, Low

Open, Closed, Restricted

To compress data for faster transfer

To make data unreadable without the encryption key

To archive old data

To backup data automatically

Ethics Policy

Acceptable Use Policy (AUP)

Need to Know Policy

Document Disposal Policy

To ensure faster file access

To limit access and prevent unauthorized data breaches

To reduce system performance issues

To enable anyone to modify documents

Allow former employees limited access to systems

Revoke access rights and retrieve company assets

Prevent employees from resigning

Grant employees additional privileges

It restricts access to only the information necessary for an employee’s job role

It ensures everyone has access to all company data

It monitors employee productivity

It grants access based on personal preferences

By requiring multiple passwords

By allowing users to access multiple systems with one set of credentials

By storing passwords in plaintext

By preventing users from accessing multiple systems

Using password policies

Implementing key cards and biometric systems

Encrypting all company emails

Conducting cybersecurity awareness training