Monday, August 12, 2019

Certification and accreditation Research Paper Example | Topics and Well Written Essays - 500 words

Certification and accreditation - Research Paper Example However, the information system must meet the approved safeguards or protection in the two domains i.e. technical and managerial. The duration of a typical certification and accreditation process should be executed in sixteen to eighteen months. However the duration will vary due to the complexity level of the networked environment. (Stark, 1994) The dissimilarity between a Certified and an information system auditor is a compliment of both these roles. The certifier will review the systems for compliance with the stated requirements from the regulations, law or the board (Langsley & American Board of, 1983). In contrast, the auditor will validate the results submitted by the certifier for meeting the requirements. However, it is not necessary that an auditor may be a part of the same organization (Stark, 1994). Likewise, information system auditor is responsible for carrying out an independent review or audit of examination of records and activities for accessing the appropriateness of system controls for assuring compliance with policies and procedures. Similarly, a certifier is associated with conducting technical decisions of complying systems with organizational requirements, conducting risk assessment focused on system operation, certification actions and combining or integrating the finalized certification along with accredited packages. The post of this individual is known as Information System Security Manager. Furthermore, the contribution of a reviewer is associated with internal organizational role that falls under the role of a certifier (Stark, 1994). The phase 5 of the Certification and Accreditation process called as Disposal is not addressed. For instance, there is always a disposal phase of any process, system, applications etc. likewise, the process of system disposal, few factors need consideration. These factors are mentioned below: Disposal of Storage devices: if an

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.