Information security system management for Swift Courier Company

Mickey D.

Order the writing of a tailor-made Management Essay

Free quote online

Essay Format .doc

Information security system management for Swift Courier Company

Download

Read an extract

Themes

Information security system management, Swift Courier Company, courier services, Abu Dhabi, United Arab Emirates, UAE

Reader
Abstract
Contents
Extract

Abstract

This paper focuses on the information security management of Swift Courier. Swift Courier is a relatively small company deals in courier services involving the delivery of various goods and services. The company is based in Abu Dhabi and has clients across the United Arab Emirates (UAE). The company interfaces with other international couriers to a great extent. It has been providing services that are specifically aimed at filling the existing gap between freight carriers and national packages, as well as unpredictable and local delivery services. Collectively, the company management team has at least 50 years of experience in areas like transportation planning, logistics, operations, routing, as well as the managing mail/postage delivery. They together ensure that clients receive services that creative, professional, and practical. The company's operations managers ensure that they are always close to the customers. They are also available for any issue requiring immediate attention.

Reason for RFP
Overview of Swift Courier
Contingency planning
Disaster Recovery Plan
Disaster Recovery Team and Responsibilities
Business Continuity Plan
Information Security
The Issuance of the specific security policies (ISSP)
Information Security Awareness
Risk Management

Get this table of contents for free after login.

Extract

[...] He or she should also establish and enforce any other related security policy for the benefit of the company (Alshboul, 2010). The Issuance of the specific security policies (ISSP) Swift Courier will need a number of ISSP. The main ones include: i. SCADA Access allowing only a few IT and management staff ii. Remote access for secure connection iii. Video surveillance to monitor the IT department all time iv. Personal verification that include the use of ID cards to confirm staff identity v. Firewalls to protect all network traffics vi. [...]

[...] One of the risk treatment methods is removing the risk source and ensuring that the cause is properly handled. In addition, the risk can also be taken or increased to pursue another opportunity that may be beneficial to the company. Changing the likelihood and consequences of the risks is also another method of ensuring that the risks are functionally treated and is responsible for ensuring that the company does not face any loss as a result of the risks (Baskerville, 1991). [...]

[...] They failure may cause disruptions that would in turn trigger weaker information system security within the company (Info-Tech Research Group, 2015). It is in this scenario where the need for business impact analysis is required. With various recovery plans to counter each of the possible risks, the possibility of disruptions would hardly occur and the company's information system security would face fewer and weaker threats if any. The respective departments in the company should identify and evaluate the impact of possible disasters. [...]

[...] The IT staff member has to log the same information in the original format. After that, he or she would determine whether incident has a critical impact on the business, the potential impact severity, the main target within the department affected including the operating system, the IP address, and the location of the equipment or information system being targeted, as well as the IP address alongside any meaningful information regarding the attack origin (Alshboul, 2010). A typical incidence plan for an unauthorized access is shown in table 6 below: Table Incident Response Plan for Unauthorized Access After gathering adequate information about the incident, the team members should act according to the nature and impact of the incidence. [...]

[...] Typically, the resource requirement for the backup plan should be in place. The following template shows how the requirements should be structured for Swift Courier. Template: Resource Requirements for the Business Continuity Plan 5. Information Security 2. Enterprice information/data security policy Swift Courier IT department should have an updated enterprice inofrmation security policy. The policy would be very essential to the department and the company at large since it would define the company's information security policies as well as the framework needed for communicating, implimenting, and supoorting such policies. [...]

doc