Security Policy Development Lifecycle
Name
Institution
Date
A security policy refers to the set of documents that describe the ways, mechanisms, and steps an organization, institution, or even an industry will use to ensure the security of its information (Tuyikeze & Pottas, 2015). The Security Policy Development Life-Cycle can therefore be defined as the process that encompasses the development of such security policies. The cycle comprises several phases.
Phase 1: The Risk Management Phase
In this phase, the assets the organization owns are identified and set aside for protection. Any threats to those assets are researched and evaluated. After the evaluation, the vulnerabilities identified in the assets are summarized, and protection measures are put in place to ensure the risks do not materialize. Unpredictable future events are generally regarded as the riskiest. Still in this phase, the organization also researches its own strengths, because the organization's capabilities are vital to its ability to recover.
Phase 2: Policy Construction
At this stage, the organization addresses the need to curb any risks or uncertainties that might arise. Policies are developed in this phase through the prominent writing and recording of information. All the goals, missions, visions, and objectives that the institution intends to achieve are set into context, so that they are remembered during implementation (Tuyikeze & Pottas, 2015). Several drafts and numerous reports are compiled, and the simulations and results of all the reports are recorded. This is done after proper consideration and consultation with the staff members; their grievances, opinions, and other input are tabled and published. Signatures are also obtained, and templates are stored for future reference.
Phase 3: Policy Implementation
Once policy construction is complete, the new security policy is documented, implemented, and put into practice. Several stages are involved in this phase; one is the allocation of responsibilities for securing information (Flowerday & Tuyikeze, 2016). The policies formulated in the organization are more likely to be accepted and understood by the staff if they are communicated from the top level of the organization.
Phase 4: Policy monitoring and maintenance
This phase comprises two main components, discussed as follows.
Policy monitoring
The organization should adopt appropriate monitoring mechanisms to ensure that security policies are enforced across all levels of staff. The sub-steps followed to produce measurable results include conducting regular reviews and audits, supported by intrusion detection and penetration testing (Flowerday & Tuyikeze, 2016). Policy monitoring keeps staff accountable for abiding by the security policies. Staff will follow the laid-down rules and regulations if senior staff are strict in asserting their authority; therefore, managers are obliged to ensure that the policies are enforceable. Nevertheless, enforcement must respect people's rights and responsibilities, and the rules should not be harmful or discriminatory toward members of the organization.
Policy maintenance
Policy maintenance has the following stages: review of security incidents, business strategies, infrastructure, and technology, and the review of uncertain events. The strategies aimed at outdoing competitors and remaining stable are evaluated so that a competitive edge is achieved.
In conclusion, for security policy transformation to go beyond simply writing and implementing policies, all the steps in the cycle must be followed. The policies cannot be written once and left unchanged; thorough reviews are required because of technological advancements, among other factors. Comprehensive studies must also inform the policies to make sure that those laid down are accepted.
References
Flowerday, S. V., & Tuyikeze, T. (2016). Information security policy development and implementation: The what, how, and who. Computers & Security, 61, 169-183.
Tuyikeze, T., & Pottas, D. (2015). An information security policy development life cycle. In Proceedings of the South African Information Security Multi-Conference (SAISMC), Port Elizabeth, South Africa (pp. 165-176).