Professional Documents
Culture Documents
System Security
Principles
.
OUTLINE
I. Introduction
II. Generally Accepted System Security
Principles
III. Common IT Security Practices
IV. Risk Management
V. Common IT Security Practices
(continuation)
II. Generally Accepted System
Security Principles
The principles are generally accepted.
The principles are most commonly being used at the present
time to secure IT resources.
The principles are not new to the security profession.
It is based on the premise that most everyone applies these
when developing or maintaining an IT system.
The eight principles contained in this lecture provide an
anchor on which the IT community should base their IT
security programs.
These principles are intended to guide IT personnel when
creating new systems, practices, or policies.
They are not designed to produce specific answers.
The principles should be applied as a whole, pragmatically
and reasonably.
2.6 Computer Security Requires a
Comprehensive and Integrated Approach 3 of 3