Description
As an IT professional, you’ll often be required to communicate policies, standards, and practices in the workplace. For this assignment, you’ll practice this important task by taking on the role of an IT professional charged with creating a memo to communicate your company’s new security strategy.
The specific course learning outcomes associated with this assignment are: • Analyze the importance of network architecture to security operations. • Apply information security standards to real-world implementation. • Communicate how problem-solving concepts are applied in a business environment. • Use information resources to research issues in information systems security. • Write clearly about network security topics using proper writing mechanics and business formats.
Unformatted Attachment Preview
Purchase answer to see full attachment
Explanation & Answer
Attached.
To: Employees of Mall’s Company
From: IT Security Officer
CC: Company’s Manager
Date: 07/02/2018
RE: Developing Security Policies, Standards, and Practices of the Company
Business Environment, Risk, and Reasoning
A business environment is defined as the internal and external factors that affect the way in
which an organization operates. These factors include management, customers, employees,
business regulations, supply, and demand. However, the term ‘business environment' indicates
the external institutions, factors and forces are cannot be controlled by business, and they
influence how a business enterprise functions. Such factors include the competitors, customers,
government, suppliers and the social, legal, political and technological factors. Both the internal
and external influences affect business in either a negative or a positive way. Therefore, to
control the factors affecting business, a security policy has to be created to control risks that may
face an organization such as theft of the company’s products and services.
In every organization, there is need of having a security policy has they help in playing various
roles. One of the reasons behind the creation of a security policy in an organization is to address
threats. Threats are found everywhere in business especially in IT Security. The objective of IT
security policy is to address any threats related to the system of the organization and implement
strategies on how to control such threats as well as how to recover from any threat that is
exposed any part of the organization. The other reason for creating a security policy is engaging
employees. Engagement employee in developing a policy is very important as it incorporates the
minds of various people hence coming up with a suitable policy though there are times when the
creation and implementation of policy do not need the engagement of employees due to some
reasons which are known by the management.
Assembling a Security Policy
Mall's Company shall keep a locking system to protect its community members, information,
property, and facilities. All locks electronic access cards, keys, and access codes are parts of the
Mall's Company and will be issued to every employee depending on their needs to access various
areas. Each company’s facility will be locked at all times in a day with exception of when the
employees are passing through the facility. No person is supposed to place a lock on the
company’s facility on the exterior or interior, or give their k...