Implementation of the plan requires preparing a detail project on the security information. The creation of project plan is often assign to project manager or to the decision maker to calculate the cost of security. Project plan of physical security could be prepared by using simple tools and methodology in the working structure. The budget plan is prepared in the way which could be define in such a way:

The above table shows that how resources are utilized on a specific security which shows different level of consumption of resources with estimated expenses. The major work plan should be distributed with the attributes for each work in the plan (C. Y. Ku, et al., 2009).

Implementation of security information through staffing, enumerating credentials, supporting policies and practices

Whenever there is implementation of the information security, there are many resources which may be created in the staffing and grading of the resources which could impact the IT function of the computer to save the data. When the information security plan is being in updating, employees get threat to feel that there may be lost of data in the computer. At the time of implementation of the information security there may be many issues to enforce the data. The general management of the community must work with the information security to integrate the information security in the management practice so it could be possible for data security. Security function in an organization could be placed with IT functions, physical security system and information security function. It also take insurance and risk management into consideration to deal the threat of risk management. Organizations requires proper enforcement of the needs of education training and security functions which could be helpful in security information.

While implementing the physical security, selecting personnel also based on the criteria which include examines supply and demand. Several expertise of the implementation of the security function keep in view the market forces and determine that which segment is most risky in matter of the security threat. These measures are taken in to consideration until it reach at maximum cost which is unaffordable for the organization. In the present time of information security, organizations are setting the demand with the individual principle of security to protect the data. Information security system use standard of jobs as they are assigned work. This role refers to the people or group of people who are working in the organization to guarantee about the risk factor. They are responsible for the overall strategic goals of the company to meet the requirements of the business functions. For example, CEO, board of directors and CIO who are working with the strategic department of the business. Different executives perform different role in the protection of data through information security and physical security.

Chief Executives Officer (CEO) also have a high performance role which includes the responsibility of the senior management to protect the information with positive attitude to influence the risk which could be assessed by the unauthorized way. He has some basic responsibility relevant to his job as to integrate the procedure of information security to make easy the functions of the business (A. Ahmad, et al., 2014).

Chief Information Officer (CIO) is a security dealing authority in the organization who deals with the management to designate them at different vacant which secure the data as well as implement the strategies at senior managers to control the techniques of saving the data. These are the persons who are personally trained to do secure the information. His basic strategies. His basic responsibilities are to allocate the resources to secure the information and function of the organization. He gives surety that the system of the business is fully security of the data which is compulsory to impact in positive way of security system of the organization which make sure that the system is being run smoothly with effective management.

The security system of the organization also based on different key authorities which are responsible to protect the data in soft and hard form. The data in the computer or system of the organization are protected through information security while data in physical form is protected through physical security measures in the organization. The authority line is complete with CEO to technician which fulfil the requirement of the security information (L. Ertaul & Sudarsanam, 2005).

Risk Assessment and Business Continuity Planning

Risk management and risk assessment are competed with the basic security risk analysis to maintain the infrastructure of the business and to analyze the situation of how a business entity continues to implement information security management. It should be included in the employees’ jobs that no one could copy or use data of others without his or her permission. Business organizations should use barriers and obstacles to prevent unauthorized persons from checking the data. Secure data should be made in the form that faces the disaster in the supervision of the delivery of data from one authority to another. It is the process to determine which factors could be beneficial for the organization and what re not suitable according to the business situation. It is difficult task to check which part of the risk gains confidentiality and which relates to integrity. This assessment makes the organization to divide the performance of the factors. To protect data from the theft companies are using safeguards and equipment to secure the risk. There must be secure power cables and power supply so that data in computers also saved from hacking. Any organization that is dealing in the market should implement these measures to continue the business in the market. The security measures are necessary to develop the security system in the organization. The natural occurring risk could impact on the abilities of the operation. The damage should be incorporated in the emergency planning procedure and business continuity plans. Assets of the company from threating scenarios which could identified the risk which can measured and implement the emergency. After the identification of the risk, the potential impact is easy to measure to extend the business with risk handing. If the organization follow all the steps to secure the information system there are more chances to protect the data.

Summary of PHYSICAL AND INFORMATION SECURITY

·         The report is based on the system of security of data in the activities of the business by the professional expertise.

·          There are legislations and regulations which are used in the physical and information security of the data.

·         The study discussed about the role of information security and the relationship between the physical security and information security in the environment of the organization.

·         There is also budget plan for the security system for the organization. The study is based on the discussion about the staffing in the organization to support the policies and procedures which are compulsory to implement and follow to protect the personal and professional information of the organization and the employees.

·         The main objective of this report is to describe the role of the physical security which is connected with the information security program in the system of dealing of data with precaution and elaboration with the reasons that how it could be helpful to maintain the continuity in the business with the assessment of the risk.

Conclusion  of PHYSICAL AND INFORMATION SECURITY

The information system of the security functions within the organization relating to the issues and problems which could be create problem in the staffing of information security. Professionals who are dealing with the security of the data in the organizations are competent to solve the problems in the issues regarding the threat of data security. It relates to the physical security of the data with the information security. The duties are distributed to the authorities according to the principles of information security system to make the consistency in the data security. . The study discussed about the role of information security and the relationship between the physical security and information security in the environment of the organization. There is also budget plan for the security system for the organization. The main objective of this report is to describe the role of the physical security which is connected with the information security program in the system of dealing of data with precaution and elaboration with the reasons that how it could be helpful to maintain the continuity in the business with the assessment of the risk (P. D. Ray, et al., 2010).

References of Explain how an organization’s information security blueprint becomes a project plan

A. Ahmad, Maynard, S. B., & Park, S. (2014). Information security strategies: towards an organizational multi-strategy perspective. Journal of Intelligent Manufacturing,, 25(2), 357-370.

B. Bulgurcu, Cavusoglu, H., & Benbasat, I. (2010). nformation security policy compliance: an empirical study of rationality-based beliefs and information security awareness. MIS quarterly, 34(3), 523-548.

C. Y. Ku, Chang, Y. W., & Yen, D. C. (2009). National information security policy and its implementation: A case study in Taiwan. Telecommunications Policy, 33(7), 371-384.

H. N., & Liu, H. (2012). Cyber-physical-social based security architecture for future internet of things. Advances in Internet of Things, 2(01), 1.

K. Popović, & Hocenski, Ž. (2010). Cloud computing security issues and challenges. . The 33rd International Convention MIPRO, 344-349.

L. Ertaul, & Sudarsanam, R. (2005). Security Planning Using Zachman Framework for Enterprisesy.

P. D. Ray, Harnoor, R., & Hentea, M. (2010). Smart power grid security: A unified risk management approach. 44th annual 2010 IEEE international Carnahan conference on security technology , 276-285.

R, B. (2007). Information Lifecycle Security Risk Assessment: A tool for closing security gaps. Computers & security,, 26(1), 26-30.

T. R. Peltier. (2013). Information security fundamentals. CRC press.