Security Policy Development Life Cycle
A security policy is a body of documentation that sets out the methods, mechanisms, and steps an organization, institution, or even an entire industry will use to secure its information. The Security Policy Development Life Cycle, therefore, is the process by which such security policies are developed.
Phase 1: The Risk Management Phase
Risk management is the first phase of the cycle. The organization's assets are identified and earmarked for protection. Threats to those assets are researched and evaluated, and once the assets are known, the vulnerabilities identified against them are summarized. Protection measures are then put in place to ensure the risks do not prevail (Tuyikeze & Pottas, 2015). Future events that cannot be predicted are generally regarded as the riskiest. The organization also researches and takes stock of its own strengths, since its capabilities are vital to its recovery and renewal.
Phase 2: Policy Construction
At this stage the organization addresses the need to curb the risks and uncertainties that lie ahead. The policy takes shape in this phase, since this is where the writing and recording of information mainly happen. The institution's goals, mission, vision, and objectives are placed in context (Flowerday & Tuyikeze, 2016) so that they are taken into account during implementation. Several drafts and numerous reports are produced, and all simulations and report results are recorded, after due consideration and consultation with staff members. Grievances, opinions, and all other feedback are tabled and published. The policy is then signed off, and some templates are kept for future use.
Phase 3: Policy Implementation
Once policy construction is complete, the new security policy is documented so that it can be implemented and put into practice. Several stages are involved here, including the allocation of responsibilities for securing information (Tuyikeze & Pottas, 2015). The policies formulated in the organization are likely to be accepted and understood by staff, but only if they are communicated from the top level of the organization.
Phase 4: Policy Monitoring and Maintenance
This phase comprises two main activities, discussed below.
Policy monitoring
The organization should adopt appropriate monitoring mechanisms to ensure that its security policies are enforced at all levels of staff. The sub-steps to follow consist of producing measurable results and conducting regular reviews and audits, supported by intrusion detection and penetration testing. Policy monitoring keeps staff accountable for abiding by the security policies (Flowerday & Tuyikeze, 2016). Staff will observe the rules and regulations laid down if senior staff are strict in asserting their authority, and it is up to managers to ensure that the policies are enforceable. Enforcement must, however, respect people's rights and responsibilities: the rules should not harm or discriminate against members of the organization, whose humanity must be respected because they are part and parcel of the rules made.
Policy maintenance
Policy maintenance has the following stages: reviewing security incidents, business strategies, infrastructure, and technology, and reviewing uncertain events. The strategies for outperforming competitors and remaining stable are evaluated so that the organization keeps its competitive edge.
In conclusion, security policy development goes beyond simply writing and implementing policies. All the steps in the cycle have to be followed. Policies cannot be written in a single pass; thorough reviews are required, and revisions may be prompted by technological change, among other factors. Comprehensive reviews are also needed to make sure that the policies laid down are accepted.
References
Flowerday, S. V., & Tuyikeze, T. (2016). Information security policy development and implementation: The what, how, and who. Computers & Security, 61, 169-183.
Tuyikeze, T., & Pottas, D. (2015). An information security policy development life cycle. In Proceedings of the South African Information Security Multi-Conference (SAISMC), Port Elizabeth, South Africa (pp. 165-176).