Question

Analyze the critical components of your information security program as it relates to Hollywood Organic Co-op. Justify how the security objectives for the EDMS align with the business objectives.

Identify and describe document access controls and best practices, including:

• Viewing
• Editing
• Copy/paste (including screen capture)
• Printing
• Forwarding e-­mail containing secured e­-documents

Identify, define, and describe document access policies and best practices including:

• Text documents
• Spreadsheets
• Financial statements
• E-mail messages
• Policy and procedure manuals
• Research
• Customer and project data
• Personnel files
• Medical records
• Intranet pages
• Other sensitive information

Identify, define, and describe all stages of the document life cycle and best practices including:

• Creation
• Storage
• Categorizing
• Metadata tagging
• Delivery or sharing
• Repurposing
• Review and reporting archiving and/or destruction

Answer 1

Generally the components of information security are

Confedntiality,

Availability,

Authenticatio,Autherization and integrity will be the key concepts of any file.

Security objectives for EDMS aliign with business objectives--

Alligning security objectives with business aspects is becoming a demanding area of any business in the growing threat issues , If we look today the organization like software development companies , data centres , Web services, Analytics , Digital Markeing , Sales Every one's priority at one or other time.

So primarily Allign your security with your profitability

Because Even the comapnies like Apple are facing Security breaches and are getting sued from their own customers you need to get this on your top priority

Assesing the risks

When it comes to assesment many are getting caught up if they scale their security by assesing them correctly we may not get these threats from hackers and our data will not go for sale in dark web

Scale Your Security with your company growth

prioratising the needs will always remains top for company at any stage no matter small or big if you failed here you are out of compeition same goes for security if loose customer belief your good will gets damage and its start for your downfall

Document access controlls

Always use Encryption for the transfer of the files of any format it gives you extra edge of security over senstive data.

Here for the acess controlls like Viewing Editing Copying many Softwares are developed for the Controlling the data at any stage like Technically Maintaining Versions of file which related to senstivity and giving acess and controlling the users with authentications or Prioratizations.

and for transfer in emails or any meansof transferring the files. Encryption is the best method most effective with least cost.

You can control any documents by using data security offerings of the given formats above like text and other documents

For Spreadsheets you can directly control who can view and who can edit as per its acess policies.

Financial statement has autherizations , bankstatements and all the senstive information like the numbers of the product offerings and all.

Policy and procedure mannuals: A policy is a statement that outline all the principals and views of the business the procedure to be followed.

For remaining all the platforms like reaseach papers and medical records the acess policies will be like viewing can be done by all the authorized profesionals and editing will require some authorizations as the senstive informations will always saves a copy more over there will be like verision controll methodology as they can see who edited the file at which stage .

Life stages of the document:

Creation: primary one where it records the creator id,name ,place and evrything which needs and the data will be in a raw format and stored will be like an primary verision

Storage: Storing of the created document will be in different ways as the document senstivity it will be stored in more than one copy in more than one place , for moderately important information will be stored in 3 copies and the storage of the data about the data technically metada will come in next steps.

Categerization: Data will be categerized according to the format and the context of the data and for what it is developed and its dynamic cant say particularly a fixed process for any file according to context and format its mainly decided where it will be placed.

Meta data tagging : the data about data is called meta data and it is linked to the memory location where the data is stored .

Delivery or sharing : delivery and sharing of the data to the particular receiver from the host by means of transfer the data by bits and streams of the data created these will ensure the data what we send will be reach the receiver with less deviation.   

Repurposing : it means the data which is collected and it is used for the comletely different purpose then it is called repurposing it can be done and useful in many ways it the life cycle of the data we created at last the goal of the data created is to be used .

Review and report acheiving or destruction: Reviewing of the data about the data for what it is created for and reporting about it , destruction means its last stage of the life cycle.