Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Organisational Systems Security

No description
by

MJ Mudge

on 31 March 2014

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Organisational Systems Security

Organisational Systems Security
P4 Explain the policies and guidelines for managing Organisational IT security issues.
Introduction
In this task I will be creating a PowerPoint using Prezi to explain the policies and guidelines for managing organisational IT security issues to the staff. I will also support my explanation with example policies suitable for ‘Eco-Friendly’. Furthermore, for this I will be covering each of the following:
• Disaster recovery policies
• Updating security procedures
• Codes of conduct
• Surveillance and monitoring policies
• Risk management
• Budget setting
Disaster recovery policies
System disaster can occur in any organisation at any time including ‘Eco-Friendly’, so the disaster recover policy details what action are to be taken in the event of a human-based, or natural disaster, which may befall an organisation.
In an including Eco-Friendly’ the system disaster can occur as a result of natural disasters (fire/flood) occurring, employee incompetence or computer criminals purposely damaging an organisation’s system.
System disasters can range from fires to human errors to virus attacks. Having a recovery policy ensures that an organisation is as best equipped as they could be to recover from such a disaster.
This policy comes with the objective of securing vital data or at least salvaging at least some data upon an attack, setting up alternative sites that can be used if a current working base is unworkable (due to disaster), hiring workers/equipment to speed up the recovery process and to ensure that insurance is taken out to fund the recovery process.
Updating security procedures
Eco-Friendly will have to review security procedures and updates on a regular basis. Reviewing the ‘Eco-Friendly’ organisations current security is only useful until new security techniques are brought in so they will have to compare their security policy against new threats which can affect Eco-Friendly.

The ‘Eco-Friendly’ organisation security and systems will require regular updating but these updates have to be tested before they are applied to all the computers the organisation has in case there are any bugs or other problems with the software. If this is not checked then this would be a problem for the organisation as a threat might be able to get into the system because of this software.

Codes of conduct
Codes of conduct is essential for any organisation including Eco-Friendly. So, what is a Codes of conduct? A code of conduct is a set of rules detailing the responsibilities of employees of ‘Eco-Friendly’ organisation and enables them to know that if they go against these rules, they may be subject to losing their job or disciplinary action; this is likely to discourage any wrong doing from the employees, thus promoting the security of an IT system.

Employees have constant access to an IT system and at times, have access to important data. So, to ensure that an employee stands by the security needs of an organisation including ‘Eco-Friendly’, he/she is required to sign a code of conduct as reassurance to their organisation that they will hold the security of their system in the highest of regards.

The code of conduct basically says that ‘I agree not to go against the policy/guidelines set and if I do, I accept the action taken by my organisation’. This gives an organisation confidence that the security of their system will not be breached by their employees.
Surveillance and monitoring policies
The surveillance policy and monitoring policy is used to keep track on what the employee is doing whilst they are using the ‘Eco-Friendly’ organisations system or either to monitor what they do in the work area. This is done so the organisation can keep track of their equipment if any has been stolen or damaged by someone they can identify them quickly and easily.

This can only be done if the employees agree to the organisations decision to use these techniques to keep their organisation safe. This may cause distress for the employees if they have been imported into the organisation without the employees knowing. This could then lead the employees could then use union action against this action the organisation has taken.
Risk management
Risk management is used by all organisations including ‘Eco-Friendly’ to prepare for any risks in the future that may affect the organisation. The organisation will look for possible issues that may affect the organisation and make a plan for this issue so the business is able to deal with the risk. The organisation can use different actions that can help with this issue. Some of the actions are:
To tolerate the risk by just carry on with the current strategy the company has and not change for this issue that has occurred.

Look for a way to treat the issue such as looking for an upgrade which may stop the issue or a new piece of reliable software which may stop the issue being a risk to the organisation.

The organisation could attack the threat which would remove the threat immediately once it has been dealt with so the system is now risk free from threats which may cause the organisation problems.
Budget setting
Budget setting is important for any organisation. Budget setting is when the organisation set a limit on the budget they will spend on security for their systems. This is managed by the finance manager of the organisation and it is their duty to ensure the security is renewed and is within the budget allocated to them.

When given this budget other costs are included such as: training staff, replacing old software or equipment and other things which will take money off the budget given to them.

Conclusion
For this task I have created a PowerPoint using Prezi to explain the policies and guidelines for managing organisational IT security issues to the staff. I have also supported my explanation with example policies suitable for ‘Eco-Friendly’. Furthermore, for this task I have covered each of the following:
• Disaster recovery policies
• Updating security procedures
• Codes of conduct
• Surveillance and monitoring policies
• Risk management
• Budget setting



References
* BTEC Level 3 National Information Technology Student Book 1 by K Anderson and others.
* http://www.nysscpa.org/cpajournal/2004/704/essentials/p52.htm
* http://www.templatezone.com/pdfs/Disaster-Recovery-policy.pdf
Full transcript