(7) Polices that are appropriate in the area of retention and according to the policy and standards of the organization;

(8) Documentation practices that are appropriate as per the security policy, procedures, security, contingency and disaster recovery plans; and (9) Hardware, software and resource protection. (Whitman and Mattord, 2008)

III. THREE TYPES OF SECURITY MONITORING TECHNIQUES

In addition to the specified controls security operations that are sound are inclusive of auditing and monitoring which is appropriate. There are three techniques which are used in monitoring security and these include the techniques referred to as:

(1) intrusion detection;

(2) penetration testing; and (3) violation analysis. (Whitman and Mattord, 2008)

Auditing is another important component of information security operations security and it is advised that reviews of audit trails should be performed on a regular basis in order to alert the organization to practices that are inappropriate.

SUMMARY & CONCLUSION

Each of the ten security domains are important for maintaining an organization's information system however, operations security is the most...

"The 10 Security Domains" (AHIMA Practice Brief) Journal of AHIMA 75, no.2 (February 2004): 56A-D.
International Information Systems Security Certifications Consortium, (ISC)2.

Code of Ethics. Available online at www.isc2.org / in: Dougherty, Michelle. "The 10 Security Domains" (AHIMA Practice Brief) Journal of AHIMA 75, no.2 (February 2004): 56A-D.

The 10 Domains of Security. 10-D Security. Online available at: http://www.10dsecurity.com/about/10domains.htm

The 10 Security Domains (AHIMA Practice Brief) HIM Body of Knowledge in: Dougherty, Michelle. "The 10 Security Domains" (AHIMA Practice Brief) Journal of AHIMA 75, no.2 (February 2004): 56A-D.

Tipton, H.F. And Krause, M. Information Security Management Handbook. CRC Press 2006.

Whitman, M.E. And Mattord, H.J. Principles of Information Security. 2008. Cengage Learning EMEA.