Security Document Policy

Security Document Policy

Introduction

Global Distribution Incorporation relies heavily on information technology resources for the purposes of handling critical colossal information. The information typically vary in terms of the degree in sensitivity as well as its specific type (Jaccard, 2013). For this reason, all Global Distribution employees are expected to be highly flexible when handling and protecting such information. It would be highly impractical and far from exercising cost-effectiveness, if the organization will require universal application or protection measures to all company data (Okome, 2013).  There is a high likelihood for the development of risks if Global Distribution Inc. does not emphasize some degree of standardization.

Security Policies

Program-Level Policy

For this reason, Global Distribution Inc. organization has established formal information technology policies aimed at developing important standards for resources in information technology. The company is able to do this by assigning specific program management duties as well as by providing guidelines, basic rules and definitions that are accessible to everyone in the company. Through this process, such a policy plays a key role in prevention of any inconsistencies that ultimately reduce risks (Calder & Watkins, 2015). Besides, information technology policy also serves as a crucial element during the processes of enforcing more detailed procedures and rules. This means that such a policy is expected to be sufficiently comprehensive and clear in order to be effective throughout the organization (Jaccard, 2013). However, Global Distribution Inc. highly advocates for a policy that is flexible enough to handle vast organizational data, resources or activities.

A program-level policy is established by Global Distribution Inc. primarily to establish the security program for information technology. In addition, this policy defines all program management structures, roles of various organizations and individuals as well as reporting various organizational responsibilities that include goals and objectives of security programs (Calder & Watkins, 2015). In essence, this policy provides a more detailed analysis of specific security programs and administration. However, it is important to note that program-level policy is an important tool for Global Distributors Inc. as it able to effectively communicate and emphasize to all employees regarding the importance of information technology security. Additionally, it helps in clarifying various individual roles and responsibilities. Successful integration of this policy requires appropriate visibility and support, which is energetic and clearly reflected in the policy particularly by the top management (Okome, 2013). As a result, this policy will attract high participation efforts by organizational stakeholders and mostly, the employees.

Issue-Specific Policy

Global Distribution Inc. has developed an Issue-Specific Policy that addresses specified types of activities unlike Program-Level Policy that mainly addresses broad aspects or the framework of information technology security programs (Calder & Watkins, 2015). Moreover, Issue-Specific Policy is also developed by the organization for the purposes of addressing particular systems in specified environments. It is worth to note that the types of subjects typically addressed by Issue-Specific Policy are areas of current concerns. The field include relevance and the controversial areas that need the organization’s position of assertion (Okome, 2013).

This means that Issue-Specific Policy is a critical tool that helps in standardization processes of various organizational activities, thus, eliminating any potential risks (Okime, 2013). Risks are brought about by inappropriate or inadequate treatment of the information technology resources. In this respect, the policies help provide detailed guidelines that are important for further development of practices and procedures found within functional elements of a company.

Unlike in Program-Level Policy, Issue-Specific Policy requires regular modifications through updates and revisions. Such modifications are brought about by changes in technology as well as any other related activities that happen within the organization (Jaccard, 2013). As experienced in Global Distribution Inc., the development of new technology results in the diminishment of important issues as new ones emerge. Thus, it is plausible to state that new technology for instance, brings about associated issues and problems that can be effectively addressed by Issue-Specific Policy application.

Governing Policies

Governing policies are a high-level treatment processes as far as security concepts are concerned in any company. The main audiences for the policies are technical custodians and managers of Global Distribution Inc. for example. This policy is important for the organization as it controls every interaction that is security related among supporting departments as well as business units in the company (Okome, 2013). Governing policies seek to address the ‘what’ concerns as far as security policy is concerned.

After the issue and approval of information technology policy it is publicized through several mediums such as presentations, memorandums, staff meetings and also a variety of various means by Global Distribution Inc. However, this process is followed by the incorporation of such policies into formal policy documentation. Such policy documentation process normally requires regular updates of documentations that are in existence including creating new documents that address missing issues.

References

Calder, A., & Watkins, S. (2015). IT governance: An international guide to data security and ISO 27001/ISO 27002. London: KoganPage.

Jaccard, M. (2013). The objective is quality: Introduction to quality, performance and sustainability management systems. Boca Raton, FL: London.

Okome, M. O. (2013). State fragility, state formation, and human security in Nigeria. Basingstoke: Palgrave Macmillan.

Place this order or similar order and get an amazing discount. USE Discount code “GWEXDDSRGCF10” for 10% discount