SECURITY POLICY FRAMEWORK
A security policy framework is a combination of high standardized strategies or goals that mainly affect security at a high level. The SFP is primarily used by security firms, governments, industries, companies and also firms. These policies are very essential n many programs in running the system affairs in many ways. The security policy framework has elements that need a lot of attention to make it (Ismail, Widyarto, Ahmad & Ghani 2017).
The first element of the policy is the sole purpose of the systems created. This entirely depends on the party that established them. Through this purpose, the whole idea of the plan is developed and determined at better efforts. The next element is the audience for the policy. This entirely depends on the purpose of the policy. The audience is altogether the sole purpose to be used.
The third element is information security goals and strategies. This is to encourage the management personnel to get into a well added up objectives for the purposes and security. Information security focuses on confidentiality availability and integrity (Safa, Von Solms & Furnell, 2016). These are the core objectives that should be emphasized. The fourth element is the authority plus access to the control policy. This includes who has access to the controls of the framework and its jurisdiction.
The fifth element is the classification of data. The policy should always be able to classify data in many ways, such as secrete and public. This can, in turn, make the usage of data more accessible. This can increase the privacy of data at bigger and better heights. The next element is if the policy supports data and its operations, which includes data protection, backups, and movement of data. Another aspect is creating security awareness and behaviour, which is also very crucial. The framework is instrumental in fact in many ways and embraced largely.
REFERENCES
Ismail, W. B. W., Widyarto, S., Ahmad, R. A. T. R. & Ghani, K. A. (2017, September). A generic framework for information security policy development.
Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model in organizations. Computers & security.