Security policies also define the security structure of the company. As such, it is important that security policies must be able to be understood by other employees. They must be able to find that each policy is important as well as being useful. Employees must also be able to abide by the policy with upmost strictness and be reviewed for feedback for improvements.
Security policies must also be clear in assigning different responsibilities for any employee affected. For example, having a no access to internet access for a period of time. It also needs to be clear in punishments should any policy being violated and being enforced. This will deter would-be policy violators who will not take the risk in getting caught violating the security policies of their company.
Lastly, a legal team should be engaged to view every security policy to ensure there is no infringement on copyright and it is legal for it to be carried out.
Below is a brief video on Security policy:
References:
http://www.windowsecurity.com/articles/Defining_a_Security_Policy.html
Hi. Your explanation of security policy is very simple and concise. The video sure does tell me more about security policy and why is it important to have security policy within an organisation. Haikal.
ReplyDelete