Question

Policies and Supporting Documents

1- Write the differences between Policies, standards, baselines, procedures and guidelines.

2- Provide an example for each policy supporting document.

3- Do you agree with this policy statement: "an annual review of information security policy must be conducted"? Provide a reason for your opinion.

The course book is

Greene, S. S. (2014). Security program and policies: principles and practices (2nd ed.). Indianapolis, IN: Pearson Education. ISBN: 9780789751676 (print); 9780133481211 (e-copy).

Explanation / Answer

1.

Policies - Policies are the top-tier, high-level documents that basically offer us a general statement about the organization and its assets and what level of security & protection they should have. Written policies spell out who’s responsible for security, what needs protection, and what is an acceptable level of risk.

Standards - Standards are much more specific than policies. Standards are also tactical documents because they basically lay out the steps or processes required to meet a certain requirement.

Baselines - A baseline is the least or minimum level of security that a network, system or device must adhere to. Baselines are normally mapped to specific industry standards.

Guidelines - A guideline points to a statement in a policy or procedure by which to determine a course of action. It’s a suggestion or recommendation of how things should be done.

2.

Advisory Policy

The job of an advisory policy is to ensure that all employees know the consequences of behavior and actions. Example advisory policy:

Illegal copying/Plagiarism: Employees should never download or install any copyrighted or commercial software, shareware, or freeware onto any network drives or disks until and unless they have written permission from the administrator.

Informative Policy

This job helps to investigate complaints and mediate all sorts of settlements when a third party is requested.

In partnership with Human Resources, the employee's job is to serve as an advocate for all employees, providing mediation between all of the organization's employees and management.

Regulatory Policy

These policies make certain that the organization complies with all laws, including local, state, and federal laws. An example regulatory policy:

Because of changes to Texas State law, The Company will now retain records of employee inventions and patents for 10 years; all email messages and such email associated with patents and inventions will be stored for one year.

3.

I totally agree that an annual review of information security policy must be conducted.