Curriculum Development Related to Information Security Policies and Case Study

broadcast Development Related to Information Security Policies and Procedures - Case Study spokespersonFor providing improved functionality for the presidency, policies and procedures must be defined. They play a vital role for an organizations polish functioning. In order to implement policies and procedures, group discussions are required for constructing and implementing them in a real piece scenario. The first compulsion is to differentiate some(prenominal) of them. A security policy comprises in the form of a document or rules that specify the statement What must be do in order to encounter security measures in the system or the network. Whereas, procedures are associated with the rules and practices that are implemented in order to apply the rule. For instance, in a network security scenario, where there is a requirement for preventing the wireless network, anonymous entrance must be blocked. Likewise, the security policy document will define What needs to be done to block anonymous access for a wireless network. Whereas, the procedures will define the practices and rules that needs to be followed in order to block the anonymous access (Curriculum development related to information security policies and procedures ).After differentiating both the security policies and procedures, these two are associated with development and administration in an organization. The term security in term of development and administration is more like a management issue rather than a proficient issue in an organization. The justification is to utilize and classify employees of an organization efficiently. Moreover, from the management perspective, discussions take place for describing versatile vulnerabilities and threats along with the creation of policies and procedures that may contribute for the achievement of organization goals. After the discussions and alignment of policies and procedures to contribute for organizations success, the development process is initiated at a high level, and afterwards implemented at dismantle levels within an organization. The conclusion reflects the development of policies and procedures, requirement of an approval from concerned personnel and then implementing them smoothly for the employees (Curriculum development related to information security policies and procedures ). On the other hand, initiation of these security policies is easy and non expensive, but the implementation is the most difficult aspect. If the development and administration do not comply effectively, or fails to establish awareness between employees related to the policies and procedures, the disadvantages may affect inadequately for the organization. For instance, an attack from a well-disposed engineering website such as Facebook, twitter, or MySpace may extract sensitive information from older or trusted employees of an organization. If the policies and procedures were understood or implemented properly, employees will be wel l aware of not providing any credentials or they will verify authorization before providing information on the sites. Moreover, seclusion and trust is a debatable topic that is also referred as identity theft. A good comment of identity theft is available in network dictionary that states as, Identity theft is a curse in which an imposter obtains key pieces of personal information, such as Social Security or number one woods license numbers, in order to impersonate someone else. The information can be apply to obtain credit, merchandise, and services in the name of the victim, or to provide the thief with false credentials. legion(predicate) organizations have suffered security breaches initiated from a social networking site. There is a requirement for creating awareness between employees by developing policies and procedures related to the attacks associated with social engineering sites along with coping up these attacks. There is a requirement of identifying critical infor mation systems within the organization. All the users must be