Development of information security (infosec) policy of the web server and web application at PT. XYZ
Since the emergence of the internet, there has been an increase in hackers trying to exploit the vulnerabilities of web applications and websites. This problem occurs at PT. XYZ: 15 out of a total of 38 (39%) of its public websites have suffered attacks. In 2013, the estimated average number of attacks could increase to 12 attacks a year. Thus, an effective management control to address this issue is to develop an information security policy. The objective of this policy is to manage information security and ensure the confidentiality, integrity, and availability of the data, information, and business functions of the web server, including its internal web applications and public websites. The policy development methodology is similar to the systems development life cycle (SDLC) model. After an early policy draft is developed, an expert panel reviews and approves it. Then, it is repeatedly revised in response to the prior expert panel's comments. Organizations must always keep up to date with reliable and credible information security publications, studies, and best practices, such as those from the German Federal Office for Security in IT (BSI), NIST, and OWASP. After the expert panel's approval, a final policy draft is developed and can be implemented at PT. XYZ.