Free Essay

Security Policy Week 4

In:

Submitted By flavor89
Words 528
Pages 3
This document is to describe the Information Security requirements of Online Application Services and Application Service Providers that engage in business with McBride Financial Services. This policy applies to any use of Online Loan Applications (OLA) and any outsourcing to Application Service Providers (ASP) by McBride Financial Services, independent of where hosted. The Online Loan Application or Application Service Provider's Sponsor must first establish that its project is an appropriate one for the OLA/ASP model, prior to engaging in any additional infrastructure teams within McBride Financial Services or any external Application Service Providers. The department wanting to use an Online Loan Application or any Application Service Providers service must confirm that the Application Service Providers chosen to host the loan applications of McBride Financial Services complies with this policy. The Business Function to be outsourced must be evaluated against the following. The requester must go through the OLA/ASP engagement process with the Information Security Department to ensure affected parties are properly engaged. In the event that McBride Financial Services data or loan applications are to be manipulated by, or hosted at, any ASP's service, the ASP sponsor must have written, explicit permission from the data/application owners. A copy of this permission must be provided to the Information Security. The information to be hosted by an ASP must fall under the Minimal or More Sensitive categories. Information that falls under the Most Sensitive category may not be outsourced to an ASP. If the ASP provides confidential information to McBride Financial Services, the ASP sponsor is responsible for ensuring that any obligations of confidentiality are satisfied. This includes information contained in the ASP's application. McBride Financials legal services should be contacted for further guidance if questions about third-party data arise. Projects that do not meet these criteria may not be deployed to any Application Service Provider. The Information Security Department has to created this document, to make clear the minimum security requirements for Online Loan Applications. All Online Loan Application and Application Service Provider requests must demonstrate compliance with these Standards in order to be considered for use. The ASP engagement process includes an Information Security evaluation of security requirements. This policy can be provided to ASPs that are either being considered for use by McBride Financial Services, or have already been selected for use. The Information Security Department may request that additional security measures be implemented in addition to the measures stated in this document, depending on the nature of the project. The Information Security Department may change the requirements over time, and all ASP's involved are expected to comply with these changes. Application Service Providers that do not meet these requirements may not be used for any McBride Financial Services projects. Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment. Application Service Providers found to have violated this policy may be subject to financial penalties, up to and including termination of contract. Application Service Provider (ASP) - ASPs combine hosted software, hardware and networking technologies to offer a service-based application, as opposed to a McBride Financial Services - owned and operated application.

References

Similar Documents

Free Essay

Ajs 582 Entire Course

...Course AJS 582 Week 1 DQ1 AJS 582 Week 1 DQ 2 AJS 582 Week 1 Individual Assignment Criminal Justice Policy Process Paper AJS 582 Week 2 DQ1 AJS 582 Week 2 DQ 2 AJS 582 Week 2 DQ3 AJS 582 Week 2 Individual Assignment Criminal Justice Policy-Making Matrix and Paper AJS 582 Week 3 DQ1 AJS 582 Week 3 DQ2 AJS 582 Week 3 DQ3 AJS 582 Week 3 Learning Team Assignment Public Opinion Poll and Paper AJS 582 Week 4 DQ1 AJS 582 Week 4 DQ2 AJS 582 Week 4 DQ3 AJS 582 Week 4 Individual Assignment Policing Policies Analysis AJS 582 Week 5 DQ1 AJS 582 Week 5 DQ2 AJS 582 Week 5 DQ3 AJS 582 Week 5 Individual Assignment Sentencing Policies Analysis AJS 582 Week 6 DQ1 AJS 582 Week 6 DQ2 AJS 582 Week 6 DQ3 AJS 582 Week 6 Learning Team Assignment Criminal Justice or Security Policy Issues Paper and Presentation AJS 582 Week 6 Learning Team Assignment Criminal Justice or Security Policy Issues Paper and Presentation AJS 582 Entire Course To Purchase this Tutorial Copy And Paste Below Link In Your Browser http://www.homeworkwarehouse.com/downloads/ajs-582-entire-course/ For Any Information or Any Class Which you Did not find on Our Website, Just Hit US Email On below address Visit : www.homeworkwarehouse.com Email Us : Homeworkwarehouse@gmail.com AJS 582 Entire Course AJS 582 Week 1 DQ1 AJS 582 Week 1 DQ 2 AJS 582 Week 1 Individual Assignment Criminal Justice Policy Process Paper AJS 582 Week 2 DQ1 AJS 582 Week 2 DQ 2 AJS 582 Week 2 DQ3 AJS 582 Week 2 Individual Assignment...

Words: 464 - Pages: 2

Premium Essay

It 244 Week 1

...sections of an Information Security Policy. Final Project Timeline You should budget your time wisely and work on your project throughout the course. As outlined below, the assignments in the course are designed to assist you in creating your final project Information Security Policy. If you complete your course activities and use the feedback provided by the instructor, you will be on the right track to successfully complete your final project of creating an Information Security Policy. □ Week One: Introduction Review the two company profiles provided in your syllabus and select the one you will use for your final project company. You design the Information Security Policy for this company throughout the course. Once you have decided which company you are using, it may not be changed; therefore, considerable thought should be put into this decision. Next, decide which type of information security policy—program-level, program-framework, issue-specific, or system-specific—is appropriate for your final project company. Assignment: Final Project Information Security Policy: Introduction Complete and submit Appendix C. Note. Section 1 Introduction of Appendix C corresponds to Section 2 of Appendix B in the final compilation due in Week Nine. In completing Appendix C, provide an overview of your final project company, describe the type of security policy that is appropriate for your scenario, and explain your security goals in terms of confidentiality...

Words: 899 - Pages: 4

Premium Essay

Dfhdfh

... |College of Natural and Behavioral Sciences | | |Department of Computer Science | | |http://csc.csudh.edu | |Course Title: |Communication Systems Security | |Course Number: |CTC 362 | |Instructor Name: | Mehrdad S. sharbaf, ph.d. msharbaf@csudh.edu, Office: tba, phone: tba, office Hours: tba | |Date: |Spring Semester, 2016 | |Course Length: |_15_ Weeks | |Web Companion |N/A | |Blackboard Web Site |HTTP://toro.csudh.edu...

Words: 1433 - Pages: 6

Premium Essay

Security Issues

... |CMGT/582 | | |Security & Ethics | Copyright © 2010, 2009 by University of Phoenix. All rights reserved. Course Description The ethical issues examined in the course include information privacy, accessibility, and ownership from an organizational perspective. Information laws, regulations, and compliance requirements are examined in this course as well as the considerations for creating a safe digital environment within the organization. Policies Faculty and students or learners will be held responsible for understanding and adhering to all policies contained within this syllabus and the following two additional documents: University policies: You must be logged into the student website to view this document. Instructor policies: This document is posted in the Course Materials forum. University policies are subject to change. Be sure to read the policies at the beginning of each class. Policies may be slightly different depending on the modality in which you attend class. If you have recently changed modalities, read the policies governing your current class modality. Instructor policies will vary by course, so read these carefully to see what your instructor requires. Course Materials Bunting, S. (2008). EnCase® computer forensics: The official...

Words: 2637 - Pages: 11

Premium Essay

Dlis Information Security Risk Assessment

...Purpose AND SCOPE 4 Key Roles and Responsibilities 4 Risk Management Process and Activities 5 Risk Management Plan Audit Log 5 Risk Assessment and Management Table 6 COMPLIANCE LAWS AND REGULATIONS 8 PROPOSED SCHEDULE 9 Risk Management Plan Approvals 10 * Department: Information Technology Product or Process: Risk Management Document Owner: Battle Creek, MI IT Version | Date | Author | Change Description | 0.1 | 1/6/14 | RFranklin | Initial Draft | 0.2 | 01/12/14 | RFranklin | Revision 1 | 0.3 | 1/13/14 | RFranklin | Revision 2 | * Project Risk Management Plan Purpose and Scope The purpose of this Risk Management Plan is to identify the strategies, methods, and procedures to be used within the Michigan Air National Guard, Battle Creek, Michigan supply chain in identifying, evaluating, and mitigating the risk involved in daily and long term operations. All Department of Defense and federal agencies must at least comply with the minimum standards set forth in Law, DOD directives, branch of service regulations, and local base regulations. This plan provides local guidelines for applying the FISMA standards using the NIST guidelines and procedures. The Scope of this plan is limited to the Michigan Air National Guard facilities, Battle Creek Michigan Information Technology facilities which need to be in compliance with the Defense Logistics Information Service policy. This limits the...

Words: 1209 - Pages: 5

Premium Essay

Cmgt 244 Entire Course

...Description CMGT 244 Week #1 DQ 1 CMGT 244 Week #1 DQ 2 CMGT 244 Week #1 DQ 3 CMGT 244 Week #1 DQ 4 CMGT 244 Week #1 DQ 5 CMGT 244 Week #1 DQ 6 WEEK 2 CMGT 244 Week #2 DQ 1 CMGT 244 Week #2 DQ 2 CMGT 244 Week #2 DQ 3 CMGT 244 Week #2 DQ 4 CMGT 244 Week #2 DQ 5 WEEK 3 CMGT 244 Week #3 DQ 1 CMGT 244 Week #3 DQ 2 CMGT 244 Week #3 DQ 3 CMGT 244 Week #3 DQ 4 CMGT 244 Week #3 DQ 5 WEEK 4 CMGT 244 Week #4 DQ 1 CMGT 244 Week #4 DQ 2 CMGT 244 Week #4 DQ 3 CMGT 244 Week #4 DQ 4 WEEK 5 CMGT 244 Week #5 DQ 1 CMGT 244 Week #5 DQ 2 CMGT 244 Week #5 DQ 3 CMGT 244 Week #5 DQ 4 CMGT 244 Week 1 DQs CMGT 244 Week 2 DQs CMGT 244 Week 2 Assignment CMGT 244 Week 3 DQs CMGT 244 Week 3 Assignment Establishing a Secure Computer Room CMGT 244 Week 4 DQs CMGT 244 Week 4 Assignment Intro to OSI Model CMGT 244 Week 5 DQs CMGT 244 Week 5 Final Project Information Security Policy for the Bloom Design Group Paper CMGT 244 Week 5 Information Security Policy for the Bloom Design Group Presentation PPT A++ graded !! CMGT 244 ENTIRE COURSE http://www.homeworkproviders.com/shop/cmgt-244-entire-course/ CMGT 244 ENTIRE COURSE Product Description CMGT 244 Week #1 DQ 1 CMGT 244 Week #1 DQ 2 CMGT 244 Week #1 DQ 3 CMGT 244 Week #1 DQ 4 CMGT 244 Week #1 DQ 5 CMGT 244 Week #1 DQ 6 WEEK 2 CMGT 244 Week #2 DQ 1 CMGT 244 Week #2 DQ 2 CMGT 244 Week #2 DQ 3 CMGT 244 Week #2 DQ 4 CMGT 244 Week #2 DQ 5 WEEK 3 CMGT 244 Week #3 DQ 1 CMGT 244 Week #3 DQ 2 CMGT...

Words: 522 - Pages: 3

Premium Essay

Cmgt 244 Entire Course

...Description CMGT 244 Week #1 DQ 1 CMGT 244 Week #1 DQ 2 CMGT 244 Week #1 DQ 3 CMGT 244 Week #1 DQ 4 CMGT 244 Week #1 DQ 5 CMGT 244 Week #1 DQ 6 WEEK 2 CMGT 244 Week #2 DQ 1 CMGT 244 Week #2 DQ 2 CMGT 244 Week #2 DQ 3 CMGT 244 Week #2 DQ 4 CMGT 244 Week #2 DQ 5 WEEK 3 CMGT 244 Week #3 DQ 1 CMGT 244 Week #3 DQ 2 CMGT 244 Week #3 DQ 3 CMGT 244 Week #3 DQ 4 CMGT 244 Week #3 DQ 5 WEEK 4 CMGT 244 Week #4 DQ 1 CMGT 244 Week #4 DQ 2 CMGT 244 Week #4 DQ 3 CMGT 244 Week #4 DQ 4 WEEK 5 CMGT 244 Week #5 DQ 1 CMGT 244 Week #5 DQ 2 CMGT 244 Week #5 DQ 3 CMGT 244 Week #5 DQ 4 CMGT 244 Week 1 DQs CMGT 244 Week 2 DQs CMGT 244 Week 2 Assignment CMGT 244 Week 3 DQs CMGT 244 Week 3 Assignment Establishing a Secure Computer Room CMGT 244 Week 4 DQs CMGT 244 Week 4 Assignment Intro to OSI Model CMGT 244 Week 5 DQs CMGT 244 Week 5 Final Project Information Security Policy for the Bloom Design Group Paper CMGT 244 Week 5 Information Security Policy for the Bloom Design Group Presentation PPT A++ graded !! CMGT 244 ENTIRE COURSE http://www.homeworkproviders.com/shop/cmgt-244-entire-course/ CMGT 244 ENTIRE COURSE Product Description CMGT 244 Week #1 DQ 1 CMGT 244 Week #1 DQ 2 CMGT 244 Week #1 DQ 3 CMGT 244 Week #1 DQ 4 CMGT 244 Week #1 DQ 5 CMGT 244 Week #1 DQ 6 WEEK 2 CMGT 244 Week #2 DQ 1 CMGT 244 Week #2 DQ 2 CMGT 244 Week #2 DQ 3 CMGT 244 Week #2 DQ 4 CMGT 244 Week #2 DQ 5 WEEK 3 CMGT 244 Week #3 DQ 1 CMGT 244 Week #3 DQ 2 CMGT 244 Week #3 DQ 3 CMGT...

Words: 532 - Pages: 3

Premium Essay

Le Vlademe Eh

...El Paso Community College Syllabus Instructor’s Course Requirements I. Course Number and Instructor Information ITSY 2300- ‘Operating Systems Security’ Instructor: Danny A. Dominguez Campus and Office Number: Valle Verde Campus - Room A-1109 Office/Voice Mail Number: (915) 831-2833 Office Hours: Monday/Wednesday/Friday 8:00am – 9:00am 11:00am – 12:00pm Monday/Wednesday 3:00pm - 5:00pm By Appointment E-Mail Address: adomi146@epcc.edu II. Text and Materials A. Fundamentals of Information Systems Security 2nd Edition, Kim, David. Students have two options. They can order from the EPCC campus bookstore, or they can order from the publishers shopping portal (www.shopjblearning.com). Below are the bundle breakdowns and options: OPTION 1: Purchase at EPCC Bookstore: Printed Access Code (For Bookstore) Print Bundle: a. Print Text + Virtual Lab Access/eLab Manual ISBN: 978-1-284-07445-1 Bookstore sets student price: eBundle: a. eBook Rental + Virtual Lab Access/eLab Manual ISBN: 978-1-284-07444-4 Bookstore sets student price: OPTION 2: JONES & BARTLETT: E-mailed Access Code (For Student). Students can go to: www.shopjblearning.com, enter the ISBN in the Search field, and then Add to Cart- proceeding through the checkout process. Print Bundle: b. Print Text + Virtual Lab Access/eLab Manual ISBN: 978-1-284-07440-6 Approx. cost to the student:...

Words: 1345 - Pages: 6

Premium Essay

Assess the Impact on Access Controls for a Regulatory Case Study Learning Objectives and Outcomes

...Week 1 Lab Part 1: Assess the Impact on Access Controls for a Regulatory Case Study Learning Objectives and Outcomes Upon completing this lab, students will be able to complete the following tasks: 1. Configure user accounts and access controls in a Windows Server according to role-based access implementation 2. Configure user account credentials as defined policy, and access right permissions for each user 3. Create and administer Group Policy Objects for the management of Windows Active Directory Domain machines within the IT infrastructure 4. Apply the correct Group Policy Object definitions per requirements defined by policies and access right permissions for users 5. Assign and manage access privileges as requested in the case study to apply the recommended and required security controls for the user accounts Week 1 Lab Part 1 - Assessment Worksheet Assess the Impact on Access Controls for a Regulatory Case Study Overview Watch the Demo Lab in the Week 1 Learning Space Unit 1, and answer the questions below. The lab demonstrates creating an Active Directory domain as well as user and group objects within the new domain. Directories will be created and permissions assigned based on the required access control as defined in the matrix. Group Policy Objects will also be created and linked to Objects within the domain to enforce security settings. Lab Assessment Questions & Answers 1. What does DACL stand for and what...

Words: 1428 - Pages: 6

Premium Essay

Modern Day Pychology

...Information: 877-642-2999 Backboard Helpdesk: 866-350-9427 Inclement Weather Policy In the event of inclement weather, consult the Strayer University student website at www.strayer.edu for information on University closings and delays. Be sure to monitor the website for updates as they occur. Additionally, the student is required to contact me at Jason.Powers@strayer.edu. |4/8/2013 |Term Start Date | |  |  |  |  | |Week 1 |  |Week 7 |  | |  |4/9/2013 |  |5/21/2013 | |Week 2 |  |Week 8 |  | |  |4/16/2013 |  |5/28/2013 | |Week 3 |  |Week 9 |  | |  |4/23/2013 |  |6/4/2013 | |Week 4 |  |Week 10 |  | |  |4/30/2013 |  |6/11/2013 | |Week 5 |  |Week 11 |  | |  |5/7/2013 |  |6/18/2013 | |Week 6 |  |...

Words: 6563 - Pages: 27

Premium Essay

Syllubus

...Justice and Security | | |CJS/250 Version 2 | | |Introduction to Security | Copyright © 2009, 2007 by University of Phoenix. All rights reserved. Course Description This course is an introduction to contemporary security practices and programs. Students will study the origins of private security, its impact on our criminal justice system, and the roles of security personnel. Students will also examine the growth and privatization of the security industry, and study the elements of physical security including surveillance and alarm systems. The course will cover legal and liability issues, which determine the extent of private security authority as well as its limitations. This course will also focus on the current and future integration of private security services in law enforcement agencies. Policies Faculty and students/learners will be held responsible for understanding and adhering to all policies contained within the following two documents: • University policies: You must be logged into the student website to view this document. • Instructor policies: This document is posted in the Course Materials forum. University policies are subject to change. Be sure to read the policies at the beginning...

Words: 1941 - Pages: 8

Premium Essay

Acc544 Syllabus

...include an overview of control, risk management, internal control systems, controls for current asset functions, controls for other accounting classifications, controls for information technology systems, and reporting on controls. Policies Students will be held responsible for understanding and adhering to all policies contained within the following two documents: • University policies: You must be logged into the student website to view this document. • Instructor policies: This document is posted in the Course Materials forum. University policies are subject to change. Be sure to read the policies at the beginning of each class. Policies may be slightly different depending on the modality in which you attend class. If you have recently changed modalities, read the policies governing your current class modality. Course Materials Louwers, T. J., Ramsay, R., Sinason, D., & Strawser, J. (2007). Auditing and assurance services: A look beneath the surface (2nd ed.). New York, NY: McGraw-Hill. McCarthy, M. P. & Flynn, T. P. (2004). Risk from the CEO and board perspective: What all managers need to know about growth in a turbulent world. New York, NY: McGraw-Hill. Raval, V. H. & Fichadia, A. (2007). Risks, controls, and security: Concepts and applications. Hoboken, NJ: John Wiley & Sons. Weygandt, J. J., Kimmel, P. D., & Kieso, D. E. (2008). Managerial accounting: Tools for business decision making (4th ed.). Hoboken, NJ: John Wiley & Sons. All electronic...

Words: 1676 - Pages: 7

Premium Essay

Security Policies and Implementation Week Four Lab

...------------------------------------------------- Sara ------------------------------------------------- 10/11/2014 ------------------------------------------------- Week 4 Laboratory: Part 1 Part 1: Identify Necessary Policies for Business Continuity - BIA & Recovery Time Objectives Learning Objectives and Outcomes Upon completing this lab, students will be able to complete the following tasks: * Identify the major elements of a Business Continuity Plan (BCP) * Align the major elements of a Business Continuity Plan with required policy definitions * Review the results of a qualitative Business Impact Analysis (BIA) for a mock organization * Review the results of defined Recovery Time Objectives (RTOs) for mission-critical business functions and applications * Create a BCP policy defining an organization’s prioritized business functions from the BIA with assigned RTOs Week 4 Lab Part 1: Assessment Worksheet (PART A) Sample Business Impact Analysis for an IT Infrastructure Overview When conducting a BIA, you are trying to assess and align the affected IT systems, applications, and resources to their required recovery time objectives (RTOs). The prioritization of the identified mission-critical business functions will define what IT systems, applications, and resources are impacted. The RTO will drive what type of business continuity and recovery steps are needed to maintain IT operations within the specified time...

Words: 1852 - Pages: 8

Premium Essay

Fin 350 Wk 8 Assignment 2

...Institutions, Part 2 Choose three (3) types of securities from any of the financial markets covered in the textbook during Weeks 1 through 7. Pick securities you would enjoy researching for this assignment. Write a five to six (5-6) page paper in which you: 1. Analyze the role financial markets play in creating economic wealth in the U.S. 2. Provide a general overview of each of the three (3) securities you chose. Be sure to include such information as name, company it represents (if applicable), pricing, and historical performance. 3. Assess the current risk return relationship of each of the three (3) securities. 4. Recommend one (1) strategy for maximizing return for the current risk return relationship identified for each of the three (3) securities. 5. Suggest how the Federal Reserve and its monetary policy affect each of the three (3) securities today. More Details hidden... Activity mode aims to provide quality study notes and tutorials to the students of FIN 350 WK 8 Assignment 2 in order to ace their studies. FIN 350 WK 8 ASSIGNMENT 2 To purchase this visit here: http://www.activitymode.com/product/fin-350-wk-8-assignment-2/ Contact us at: SUPPORT@ACTIVITYMODE.COM FIN 350 WK 8 ASSIGNMENT 2 FIN 350 WK 8 Assignment 2 - Financial Markets and Institutions, Part 2 Choose three (3) types of securities from any of the financial markets covered in the textbook during Weeks 1 through 7. Pick securities you would enjoy researching for this assignment...

Words: 1086 - Pages: 5

Premium Essay

Network Security

...[pic] [pic] |School of Science and Technology | |Department of Information Technology | |ISSC361: IT Security: Information Assurance | |3 Credit Hours | |8 Week Course | |Prerequisite(s) :None | |Table of Contents | |Instructor Information |Evaluation Procedures | |Course Description |Grading Scale | |Course Scope |Course Outline | |Course Objectives |Policies | |Course Delivery Method |Academic Services | |Resources |E-Book Links | |Instructor Information ...

Words: 4918 - Pages: 20