Thursday, October 31, 2019

Security A+ policy Document Project Case Study Example | Topics and Well Written Essays - 2250 words

Security A+ policy Document Project - Case Study Example business dealings, processes and tasks. However, in order to achieve these objectives, policies and procedures that are already in place such as, Acceptable Use Policy of Global Distribution, Inc. Information security is the basis for the business that must be incorporated into each element of the organization for instance, administrative service, planning and development, sales and marketing and operations. In addition, these functions need particular controls for mitigating the risk from normal business operations. State and federal laws that are associated with information security and privacy policies are applicable to Global Distribution, Inc., as non-compliance will impose fines, stakeholder confidence, audits and direct revenue loss for Global Distribution, Inc. 1.1 Overview Information security has now become everyone’s business. In fact, every member of staff present at Global Distribution, Inc.is responsible in making themselves alert with the compliance with Global Distribution, Inc. policies, procedures and standards connected with information security. Similarly, a policy is measured as a strategic control followed by budgets and organizations (Osborne, 2006). Information Security is defined as: â€Å"The protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats† (Vacca, 2009). The three fundamental objectives regarding Information Security includes Confidentiality, Integrity and Availability. This policy draft is based on these three objectives. 2 Purpose of Establishing Information Security Policy An Information Security policy is required by the Global Distribution, Inc. in order to secure information resources from upcoming threats. This is to establish confidence in stakeholder. Moreover, valuable benefits are achieved in the market by securing information security resources. In addition, maximum profit along with trust is generated among the organizations. However, security of any organization does not fully depend on Information technology. Other sources regarding threats to an organization includes vandalism, sabotage, espionage, natural disasters, online frauds, phishing etc. In fact, cyber-crimes can also compromise networks while data in transit. Some of the other threats are non-ethical hacking, viruses, Trojan, malicious codes and denial of service attacks. 2.1 Success Factors In order to implement an effective and successful security policy within Global Distribution, Inc. these factors should be made into consideration: Absolute and inclusive security policy along with security objectives that is parallel to the business objectives of Global Distribution, Inc. A methodology that is compatible along with the Global Distribution, Inc. I n order to support Global Distribution, Inc., a comprehensive and visible senior management is needed. Extremely visible support from Global Distribution, Inc. executive management. Complete and thorough information regarding risk management and security requirement practices. Security requirements are communicated to the Global Distribution, Inc. managers, business partners, clients, software developers and outsourced

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.