College Finder
English flagItalian flagKorean flagChinese (Simplified) flagGerman flagFrench flagSpanish flagJapanese flagArabic flagRussian flagGreek flagDutch flagBulgarian flagCzech flagCroat flagDanish flagFinnish flagHindi flagPolish flagRumanian flagSwedish flagNorwegian flag
By N2H




Security policy: standards, guidelines and procedures

December 18, 2009


A security policy would allow us to have a guide or a broad view of the guidelines, rules and procedures that are needed to protect our wireless technology. We need the security policy because it identifies what needs to be protected, how access, audits and reporting are to be handled. Example:  Internet access will be given to staff that only need it for their work.

A standard is developed from a security policy and it deals with specifics about an issue. We need standards because they describe an issue in detail and this provides for the possibility of audits i.e. ability to audit whether a standard is being followed or me. Example: every user must ensure they have a strong password.

A Guideline provides the how in implementing a standard. “It helps an organization to implement and maintain standards” (Dulaney, 2009). Example:  passwords for access to the wireless internet need to be 8 characters long and must consist of characters and numbers.

A Procedure is developed to provide a step by step instruction on how to accomplish or implement a guideline. It helps users know how to go about following the rules set by the organization.

Example: press CLT, ALT and DEL simultaneously.  Select change password, then enter old password and then enter new password twice. Password need to be 8 characters long and must consist of characters and numbers. Click ok to apply the changes.


References

Stewart M, Tittel E, Chapple M (2004). CISSP study Guide, Sybex

White G, Conklin W M A (2009) Comptia Security+, McGraw Hill

Dulaney E (2009) Comptia Security+  study guide 4th Edition


Page copy protected against web site content infringement by Copyscape

Written by Anthony Kinyua · Filed Under IT Audit & Security 

Comments

Got something to say?





FireStats icon Powered by FireStats