Security Policy: Development and Implementation
Security Policy: Documentation and Implementation
Most babies cry when they receive their first set of vaccines. Mothers know that they must go through this to ensure a healthy future. Like a vaccine the development and execution of a good security policy will help prevent danger and intrusion later. Being one step ahead of the virus is half the battle; it’s the development and implementation that will essentially win the war.
The average American is surrounded by security policies in just about every aspect of their lives, but never takes the time to acknowledge that fact. Your bank probably has fraud protection for you, the same as when you travel you must go through an entity of a security policy (e.g. metal detectors, baggage scans etc). Prime example of when a security policy must change because of its inefficiency was 9/11. Until that day most airlines had policies that kept passengers safe on their flight, policies to ensure or secure your luggage arrival and policies with procedures to follow if ever in an emergency situation. On 9/11 it was made clear that airline security policies were outdated and we as Americans were left vulnerable to a deadly “virus” that up until that day we had neither vaccine nor quick cure. This unfortunate example is exactly why the vitality of a security policy must stay one step ahead so that America may have a safe and healthy future. And like a vaccine a good security policy should prevent future attacks and infections of the virus that is in this example terror.
“By definition, security policy refers to clear, comprehensive, and well defines plans, rules and practices that regulate access to an organizations system and the information included in it. Good policy protects not only information and systems, but also individual employees and the organization as a whole. It also serves as a prominent statement to the outside world about the organizations commitment to security.” When developing a
Most babies cry when they receive their first set of vaccines. Mothers know that they must go through this to ensure a healthy future. Like a vaccine the development and execution of a good security policy will help prevent danger and intrusion later. Being one step ahead of the virus is half the battle; it’s the development and implementation that will essentially win the war.
The average American is surrounded by security policies in just about every aspect of their lives, but never takes the time to acknowledge that fact. Your bank probably has fraud protection for you, the same as when you travel you must go through an entity of a security policy (e.g. metal detectors, baggage scans etc). Prime example of when a security policy must change because of its inefficiency was 9/11. Until that day most airlines had policies that kept passengers safe on their flight, policies to ensure or secure your luggage arrival and policies with procedures to follow if ever in an emergency situation. On 9/11 it was made clear that airline security policies were outdated and we as Americans were left vulnerable to a deadly “virus” that up until that day we had neither vaccine nor quick cure. This unfortunate example is exactly why the vitality of a security policy must stay one step ahead so that America may have a safe and healthy future. And like a vaccine a good security policy should prevent future attacks and infections of the virus that is in this example terror.
“By definition, security policy refers to clear, comprehensive, and well defines plans, rules and practices that regulate access to an organizations system and the information included in it. Good policy protects not only information and systems, but also individual employees and the organization as a whole. It also serves as a prominent statement to the outside world about the organizations commitment to security.” When developing a
References: System Sciences, 2007. HICSS 2007. 40th Annual Hawaii International Conference on Jan • *Siponen, M.T, “Analysis of modern IS security development approaches: towards the next generation of social and adaptable ISS methods”, Information and organization, 15, 4, 2005, 339-375. • *Villarroel, R, Fernandez-Medina, E. and Piattini, M., “Secure information systems development ' ' a survey and comparison”, Computers and Security, 24, 4, 2005, 308-321. • *Stanton, J. M., Stam, K. R., Mastrangelo, P. and Jolton, J., “An analysis of end user security behaviors”, Computers & Security, 24, 2005, 124-133. • *Fishbein, M. and Ajzen, I., Belief, Attitude, Intention and Behavior: An Introduction to Theory and Research. MA, Addison-Wesley. 1975. • *Aydin, C. E. and Rice, R. E., “Social worlds, individual differences, and implementation. Predicting attitudes toward a medical information system”, Information & Management 20, 1991, 119-136.