Question

In: Computer Science

A security policy is a document that states how the organisation plans to protect the organisations information Technology assets.


A security policy is a document that states how the organisation plans to protect the organisations information Technology assets. In your own words, state how a security policy affects the organisation's culture and the two things the policy must balance.

Solutions

Expert Solution

ANS 1. A security policy is adocument that states how the organization plans to protect the organizations information technology assets.

The Security Policy affects the organizatiion culture in following ways :

1. The security policy benfits the organization as it provides :

- Confedentiality

- Integrity

- Availability

* Because of these benifits the working culture of the organization improves as there is less fear of breach of security.

* The security policy affects the organization culture in a positive way i.e. the employees working in the organization can fully devote there time working instead of getting worried about security issues.

* Since people will be less worried about the security they will work up to the mark and this in turn will improve the culture of the organization , because if one is happy ans satisfied doing what they do it will surely uplift their mood and the wholemood of the organization.

* With the availability of the security policy the employees of the organization will be able to openly talk about things with certain boundaries and also will not fear away from sharing things that they want to .

--There surely needs to be a balance that needs to be maintained which are the the organizations benifits and the employees benifits.

* It is usually the same thing but sometime the organization can make such security policies that can put pressure on the employees working there, if they will be questioned for each and every things they do or are forced to do or follow some rules which are completly vague , this will eventually put a lot of mental stress on the employee working there and sometime can affect the way in which they function.

That can eventually hamper the growth of the organization.

So there needs to be balance between the security policy considering the Organizational needs as well as the employees needs.


Related Solutions

The HIPAA Security Rule is a critical document for Health care Information Technology professionals to understand...
The HIPAA Security Rule is a critical document for Health care Information Technology professionals to understand and support. Review the HIPAA Security Rule and discuss: (1) importance of access controls in addition to audit controls, (2) what “emergency access procedures” mean under the Access Control standard, (3) how role-based access controls meet the HIPAA Privacy Rule Minimum Necessary standard, (4) what form of authentication best meets the Person or Entity Authentication standard for different healthcare applications.
Security Controls to Protect Assets What are the control measures currently in use to protect against...
Security Controls to Protect Assets What are the control measures currently in use to protect against payroll fraud? What are the vulnerabilities related to payroll fraud found by the risk assessment team? Please make copy paste available Must be 250 words
Why are physical locks alone not a sufficient security control to protect organizational assets? How is...
Why are physical locks alone not a sufficient security control to protect organizational assets? How is the concept of "defense in depth" enforced with respect to physical security in a data center? How can insufficient climate controls in a data center affect the hardware?
Establishing an effective Information Technology Security Policy Framework is critical in the development of a comprehensive...
Establishing an effective Information Technology Security Policy Framework is critical in the development of a comprehensive security program. Additionally, there are many security frameworks that organizations commonly reference when developing their security programs. Review the security frameworks provided by NIST (SP 800-53), ISO / IEC 27000 series, and COBIT. Assume that you have been hired as a consultant by a medium-sized insurance organization and have been asked to draft an IT Security Policy Framework. You may create and / or...
Technology is used to protect assets in different environments. Identify two assets in your work or...
Technology is used to protect assets in different environments. Identify two assets in your work or school environment used by public safety to protect an asset from harm. What are advantages and disadvantages of these technologies?
please explain deeply and clearly the security mechanisms to protect the fundamental objective of information security
please explain deeply and clearly the security mechanisms to protect the fundamental objective of information security
Create a Wireless Security Policy document. Refer to the Wireless Communication Policy example located within the...
Create a Wireless Security Policy document. Refer to the Wireless Communication Policy example located within the required readings as a template. Make sure to address the following: Describe if the wireless network will be on a different subnet to protect your wired network. What type of encryption will be utilized, including the attributes of the encryption methodology? What kind of logon security will be employed to keep unauthorized users out of your network? Then, in 250 words, summarize your findings...
Create a Wireless Security Policy document. Refer to the Wireless Communication Policy example located within the...
Create a Wireless Security Policy document. Refer to the Wireless Communication Policy example located within the required readings as a template. Make sure to address the following: Describe if the wireless network will be on a different subnet to protect your wired network. What type of encryption will be utilized, including the attributes of the encryption methodology? What kind of logon security will be employed to keep unauthorized users out of your network? Then, in 250 words, summarize your findings...
Having security policies and procedures that document and manage access to critical data and technology is...
Having security policies and procedures that document and manage access to critical data and technology is one thing, but actually controlling the access is another. Describe and evaluate how authentication controls can enforce security policies within an organization.
Looking at the various ways to protect assets in a business, choose which policy/procedure is the...
Looking at the various ways to protect assets in a business, choose which policy/procedure is the most important for your work and tell us why. 2. Have you ever been a customer and observed a situation where the company was not protecting it's assets? or an employee and your company overlooks asset protection? For example, inventory is not protected because there is no alarm for big ticket items at the main doors. Be specific on what needs to be done...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT