As you begin to perform the information systems audit for PVSS, assume the identity of a different person in the scenario. For this Discussion Board, you are now the Network Systems Manager for PVSS.

As the Network Systems Manager, how would you create the following four controls (or policies) to be used by PVSS:

? Entity level control
? Network level control
? Operating system level control
? Web or database server level control

Keep in mind that each control should focus on a specific topic and offer the following structure:

? The Policy Statement: This is a statement defining the specific action or regulation.
? Responsibilities: Who is responsible for various actions?
? Enforcement: How the policy will be validated?
? Violations: What are the consequences for violation?