The Role of Security Policy Essay

903 Words 4 Pages
All companies and organizations have information that must be secured. This information is secured using security policies and standards. These security policies are practiced by the employees and written for the information systems. The employees will use the policies for the system to protect the information. The roles of the employees are also considered for the protection of information. Role-based access control (RBAC) is another way that a company or organization can use for policies and standards.

Security Policy

Companies and organizations use security policies to protect information. A security policy is a document that informs a company how to protect the physical and information technology (Rouse, 2007). The security policy
…show more content…
As the information in the systems change, the policies for the systems would also need to be updated to the information.

Role of Employees

Employees have a great role when it comes to working at companies and organizations to help protect information. The companies and organizations have employees in different sections completing different tasks. One section could work on the systems that contain the information. These employees would work on how the information would be kept and secure. A second section could work on the policies the that for the system. The policies are written for the system's protection of information. These policies would be written while the system is written, but the policies would have to be updated as the system makes changes. This would ensure the policies and the system are up to date and match. A third section could check to make sure the security policies will match up with the system. These employees would check the security policies and see if the policies will be suffice for the system. If any of the policies are not suffice, the employees would send the policy back to the writers to fix the policy.

Companies and organizations would train the employees on the systems by using training sessions. The training sessions would start from the basic usage to more specific functions. The employees would be able to sign up for each session, but only a limited amount of employees would be able to sign up for each session. There will be three

Related Documents

Smart Bracelet (288) | Ventes se terminant | Education - 583 Words