Question

I’ve been assigned this project and not sure where to from where I’m at. The company I’ve decided on is a mobile car detailing company. Located in the mall, it has 4-5 employees. One member of the team is the owner who does all the accounting via Quickbooks and operates the in-store cash register. The other in-store employee does the detailing of vehicles on-site. The other two employees are on-the-road, receiving assignments from the owner. One of these employees is responsible for receipt of funds via cash or credit card (thus, he needs a credit card reader). Most communication is done either by phone or by the use of tablets for pictures and/or assignments.

Would you please respond to the following?

1. Assemble a security policy or policies for the business, collect industry-specific and quality best practices and formulate your fictional company’s security policy or policies.

2. Develop standards that will describe the requirements of a given activity related to the policy.

3. Develop practices that will be used to ensure the business enforces what is stated in the security policy or policies and standards.

Answer 1

1.   Assemble a security policy or policies for the business, collect industry-specific and quality best practices and formulate your fictional company’s security policy or policies.:-

first Gather Your Team , process of drafting guidelines also helps staff to better understand and explain what they are doing and how.

And please try organization has volunteers that engage with youth/clients, have access to confidential information, etc. then yes, training is especially important. Many nonprofits include social media policies as a part of their volunteer manuals.

2.Develop standards that will describe the requirements of a given activity related to the policy:-

• performance specifications ensure that a product meets a prescribed test, for example, strength requirements
• design specifications set out the specific design or technical characteristics of a product
• management specifications set out requirements for the processes and procedures companies put in place, such as for quality and environmental management systems.

3. Develop practices that will be used to ensure the business enforces what is stated in the security policy or policies and standards.:-

Part of information security management is determining how security will be maintained in the organization. Management defines information security policies to describe how the organization wants to protect its information assets. After policies are outlined, standards are defined to set the mandatory rules that will be used to implement the policies

Below three point are very important

* How Policies Should Be Developed

* Define What Policies Need to Be Written

* Identify What Is to Be Protected