Information security Acme Distribution Center needs to develop guidelines for classifying information access based on job responsibilitiesnot organizational position Instructions 1 Review the information classification standard (Table 1) and the associated job roles list for Acme 2 In the Information Classification Standard Matrix beginning on page 3, align the information classification standard with appropriate access control based on job roles Table 1 Acme Incorporated Information Classification Standard Information Classification Potential Impact Types of Information Public None or limited Mention in local media No impact on operations, financial performance, or public image Published documents, Web pages, newspaper advertisements, non sensitive, information Internal Use Only Limited impact from negative publicity Slight image or financial harm not prolonged or severe in nature Internal memorandums of operations, continuing contracts, private customer information, short term operating results, and strategy Confidential More severe than limited Impact from negative publicity for up to six months Moderate image or financial harm of less than $5 million over 6 to 12 months Critical and sensitive operating reports, personnel records, pay records, medical records, severe workforce management information, and periodic financial information reported to the public Restricted Severe impairment to public image and financial operations Impairs customer and public trust More than $10 million loss in three months Sustained negative publicity expected for one or more years Impairs ability to execute operation and strategic initiatives Strategic plans, communications with the board of directors or with joint venture boards of directors, internal investigations, strategic expansion plans, and associated workforce management Acme Incorporated Job Roles Chief Executive Officer (CEO) Senior VP of International Acquisitions Executive VP of Marketing VP of Human Resources Plant Manager Southwest Region General Manager Southwest Region Store Manager Northwest Region Store Sales Clerk Information Security Specialist Customer Board members Acme Incorporated Information Classification Standard Matrix Document to Classify Public Internal Use Only Confidential Restricted Who Should Have Access Monthly terminations and new hires report (company wide) Contract for long term lease in Singapore China sales forecast with projected revenue based on three year expansion plan Northwest Region sales results by product category Community involvement information published on corporate Intranet released by public affairs Northwest Region manpower workforce reduction report Southwest Region weekly store operating results Strategic planning documents for changing core organizational functions Online product catalog Executive reports to the board of directors Internal fraud investigation from Southwest Region involving the Southwest Region General Manager

The Answer is in the image, click to view ...

Question: Information security Acme Distribution Center needs to develop guidelines for classifying information access based on job responsibilitiesnot organizational position. Instructions: 1. Review the information classification

Information security

Acme Distribution Center needs to develop guidelines for classifying information access based on job responsibilitiesnot organizational position. Instructions:

1. Review the information classification standard (Table 1) and the associated job roles list for Acme.

2. In the Information Classification Standard Matrix beginning on page 3, align the information classification standard with appropriate access control based on job roles.

Table 1: Acme Incorporated Information Classification Standard

Information Classification	Potential Impact	Types of Information
Public	None or limited Mention in local media No impact on operations, financial performance, or public image	Published documents, Web pages, newspaper advertisements, non-sensitive, information
Internal Use Only	Limited impact from negative publicity Slight image or financial harm not prolonged or severe in nature	Internal memorandums of operations, continuing contracts, private customer information, short-term operating results, and strategy
Confidential	More severe than limited Impact from negative publicity for up to six months Moderate image or financial harm of less than $5 million over 6 to 12 months	Critical and sensitive operating reports, personnel records, pay records, medical records, severe workforce management information, and periodic financial information reported to the public
Restricted	Severe impairment to public image and financial operations Impairs customer and public trust More than $10 million loss in three months Sustained negative publicity expected for one or more years Impairs ability to execute operation and strategic initiatives	Strategic plans, communications with the board of directors or with joint venture boards of directors, internal investigations, strategic expansion plans, and associated workforce management

Acme Incorporated Job Roles

Chief Executive Officer (CEO)*
Senior VP of International Acquisitions*
Executive VP of Marketing*
VP of Human Resources
Plant Manager
Southwest Region General Manager
Southwest Region Store Manager
Northwest Region Store Sales Clerk
Information Security Specialist
Customer

* Board members

Acme Incorporated Information Classification Standard Matrix

Document to Classify	Public	Internal Use Only	Confidential	Restricted	Who Should Have Access
Monthly terminations and new hires report (company-wide)
Contract for long-term lease in Singapore
China sales forecast with projected revenue based on three-year expansion plan
Northwest Region sales results by product category
Community involvement information published on corporate Intranet released by public affairs
Northwest Region manpower workforce reduction report
Southwest Region weekly store operating results
Strategic planning documents for changing core organizational functions
Online product catalog
Executive reports to the board of directors
Internal fraud investigation from Southwest Region involving the Southwest Region General Manager

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related General Management Questions!

Acme Distribution Center needs to develop data classification guidelines for classifying data access based on job responsibilities not organizational position.

Course Summary IS-200.b - ICS for Single Resources and Initial Action Incidents Lesson 1: Course Overview Course Welcome The Emergency Management Institute developed ICS 200, ICS for Single Resources...

I need a 10 page paper for my MIS class. Please do not copy and paste as my school is getting stricter on plagiarism. I have attached the assignment and the sample \fData Analytic Thinking 1 Data...

ISSUES IN ACCOUNTING EDUCATION Vol. 26, No. 3 2011 pp. 521-545 American Accounting Association DOI: 10.2308/iace-50031 Breach of Data at TJX: An Instructional Case Used to Study COSO and COBIT, with...

Chapter 9 Compensation and Incentives Diane Bigda/Photodisc/Getty Images Learning Objectives After reading this chapter, you should be able to do the following: Discuss various psychological...

Hello, I am struggling with this assignment, I am unable to determine the below questions based off the attached 10K. I have also attached a spreadsheet from another answer to a part of this question...

Please help, this is actually due today and the person who said they would answer this question that was initially due last night. Thank you for the help if possible. I need help with putting the...

Hello, I need some assistance with this project. I have everything completed except the third and fourth question (located in the instruction project document. 3.)You are a security analyst...

Alavi & Leidner/Knowledge Management MISQ REVIEW REVIEW: KNOWLEDGE MANAGEMENT AND KNOWLEDGE MANAGEMENT SYSTEMS: CONCEPTUAL FOUNDATIONS AND RESEARCH ISSUES1, 2 By: Maryam Alavi John and Lucy Cook...

TANGLEWOOD CASEBOOK for use with STAFFING ORGANIZATIONS 5th Ed. Kammeyer-Mueller 1 TANGLEWOOD CASEBOOK To accompany Staffing Organizations, fifth edition, 2006. Prepared by John Kammeyer-Mueller...

Advertising is said to be a deposit in the brand equity bank, but only if the advertising is strong. Explain.

Oricon Paper Corporation started its business on May 1, 2018. Based on its Articles of Incorporation the corporation is authorized to issue 500,000 ordinary shares with P 20 par value per share....

With regard to partnership debts and liabilities in a general partnership, partners are: Question 7 options: personally jointly and severally liable for unpaid debts and liabilities. not personally...

WACC The Patrick Company's year-end balance sheet is shown below. Its cost of common equity is 18%, its before-tax cost of debt is 11%, and its marginal tax rate is 40%. Assume that the firm's...