100% (1)
Pages:
4 pages/≈1100 words
Sources:
6
Style:
APA
Subject:
Creative Writing
Type:
Essay
Language:
English (U.S.)
Document:
MS Word
Date:
Total cost:
$ 14.4
Topic:

Policies and procedures that organizations should implement to protect themselves

Essay Instructions:

Taking care of information falls to those who own the information to develop ethical guidelines about how to manage it. Treating sensitive corporate information as a valuable resource is good management. Building a corporate culture based on ethical principles that employees can understand and implement is responsible management. Organizations should develop written policies establishing employee guidelines, procedures, and organizational rules for information.

Epolicies typically include: Ethical computer use policy, Information privacy policy, Acceptable use policy, email privacy policy, Internet use policy, and Anti-spam policy.

In this assignment you are expected to read the required readings listed in the background material and at least one other elective reading.

When you complete the readings, write a 3-4 pages paper addressing the topic:

“Policies and procedures that organizations should implement to protect themselves”

In your paper, be sure to include:

-       What are security policies or e-policies?

-       Explain three security policies that you would primarily recommend to an organization to have and why?

-       How security policies should be implemented in organizations?

Case assignment expectations:

Your assignment will be graded following these expectations:

- Precision: the questions asked are answered.

- Clarity: Your answers are clear and show your good understanding of the topic.

- Breadth and depth: The scope covered in your paper is directly related to the questions of the assignment and the learning objectives of the module.

- Critical thinking: It is important to read the “required readings” posted in the background material plus others you find relevant. Your paper should include important concepts from these readings and incorporate YOUR reactions and examples that illustrate your reflective judgment and good understanding of the concepts.

- Your paper is well written and the references are properly cited and listed (refer to TUI guidelines http://support(dot)trident(dot)edu/files/Well-Written-Paper.pdf )

- Your paper meets the page requirements not counting the cover page or the references pages.

When your paper is done, send it in.

 

Essay Sample Content Preview:

Policies and procedures that organizations should implement to protect themselves
Name:
Institution:
Policies and procedures that organizations should implement to protect themselves
A perfect business environment calls for organizations to operate under certain general ethical codes that facilitate a smooth flow of information. For purposes of correctly evaluating today's business environment, information ethics for a sheltered benchmark that cannot be ignored. This paper's focus revolves around aspects of security e-policies that form the basis of e-commerce, which is the revolutionary and modern form of business being adopted by organizations all over the world and in the United States. Indeed, organizational policies form the background of all organizations structures existing in corporate America today. Grave business focus has shifted to aspects of information technology over the past half century (Rhodhe, 2003).
Information Security Policies form a crucial part of any given organization that aims to achieve success in today's business policies. As far as e-commerce is concerned, the policies under question are referred to as e-policies. The roles played by stakeholders in the development of these policies cannot be overvalued, especially the contribution of competitors, suppliers and employees. The policies are aimed at establishing acceptable and recommended behavior patterns within the workplace setting. They are specifically designed to protect the sovereignty of an organization in terms of practices and standards of safeguarding information and promoting productivity at the same time (Whitman & Mattord, 2010). In general, organizational policies serve to establish core fundamental factors regarding information safeguarding and transfer.
In specific terms, these policies are but written official documentation held by a company, which describe in detail form particular guidelines of practices and procedures to be upheld by employees of a company. They are presented as a breakdown of standards to be maintained by interested parties of an organization, specifically, employees play a major role per se in terms of maintaining an organization's information policies (Clarkson, 1998). It is understood that people pose as the weakest point of an information security system and so this factor ought to be constantly monitored and managed to be at a desired level (Russell, 2012).
As a function of management, all people in an organization are required to abide by set policies and for this reason; they ought to be fully aware of all relevant details of these standards through comprehensive dissemination of information. However, mere dissemination is not enough especially when dealing with delicate aspects of e-commerce, as a result, organization need to implement awareness programs preferably by offering workers formal training of information security measures. In addition, follow-ups are necessary and can be implemented by use of recurrent posters, emails, bulletins or other media forms. (Conklin, et al. 2012).
Constant monitoring and training of workers in information security programs enables them to be better equipped with knowledge of upholding high levels of information security. A good number of organizations employ Information Technology (IT) experts, who are primarily responsible for the firm's information security. Such placement entails job descriptions like Chief Information Security Officer (CISO), system administrators, security officers and technicians. All these workers are responsible for the day-to-day facilitation of the organization's security program. In addition, the firm can outsource security consultant functions. Different security levels can be established for purposes of maintaining a comprehensive organizational information security program. According to Whitman and Mattord (2010), these include Enterprise Information Security Policies (EISP), the Issue-Specific Security Policies (ISSP) and System-Specific Security Policies (SysSP). EISP is more of general but managed at the top management level, ISSP on the other hand is specific to processes and procedures at departmental level but SysSP is most specific to tasks and systems.
E-policies form a crucial foundation for organizational information security programs and they ought to be entrenched in organizational...
Updated on
Get the Whole Paper!
Not exactly what you need?
Do you need a custom essay? Order right now:
Sign In
Not register? Register Now!