Curriculum Development Related to Information Security Policies and Case Study

Curriculum Development Related to Information Security Policies and Procedures - Case Study ExampleFor providing improved functionality for the geological formation, policies and procedures must be defined. They play a alert role for an organizations smooth functioning. In regulate to implement policies and procedures, group discussions are required for constructing and implementing them in a real world scenario. The graduation requirement is to differentiate both of them. A security policy comprises in the form of a document or rules that specify the statement What must be done in order to assure security measures in the system or the network. Whereas, procedures are associated with the rules and practices that are implemented in order to impose the rule. For instance, in a network security scenario, where there is a requirement for preventing the wireless network, anonymous access must be blocked. Likewise, the security policy document go away define What needs to be done to b lock anonymous access for a wireless network. Whereas, the procedures will define the practices and rules that needs to be followed in order to block the anonymous access (Curriculum development related to information security policies and procedures ).After differentiating both the security policies and procedures, these two are associated with development and administration in an organization. The term security in terms of development and administration is more like a management gist rather than a technical issue in an organization. The justification is to utilize and classify employees of an organization efficiently. Moreover, from the management perspective, discussions take place for describing various vulnerabilities and threats along with the creation of policies and procedures that whitethorn contribute for the achievement of organization goals. After the discussions and alignment of policies and procedures to contribute for organizations success, the development process is initiated at a high level, and afterwards implemented at lower levels in spite of appearance an organization. The conclusion reflects the development of policies and procedures, requirement of an approval from concerned personnel and then implementing them smoothly for the employees (Curriculum development related to information security policies and procedures ). On the another(prenominal) hand, initiation of these security policies is easy and not expensive, but the implementation is the most difficult aspect. If the development and administration do not comply effectively, or fails to point awareness between employees related to the policies and procedures, the disadvantages may affect inadequately for the organization. For instance, an attack from a social engineering website such as Facebook, twitter, or MySpace may extract sensitive information from senior or trusted employees of an organization. If the policies and procedures were understood or implemented properly, emplo yees will be well aware of not providing any(prenominal) credentials or they will verify authorization before providing information on the sites. Moreover, privacy and trust is a debatable topic that is also referred as identity theft. A good definition of identity theft is available in network dictionary that states as, Identity theft is a crime in which an imposter obtains key pieces of personal information, such as Social Security or drivers license numbers, in order to impersonate somebody else. The information can be used to obtain credit, merchandise, and services in the name of the victim, or to provide the thief with false credentials. Many organizations suck in suffered security breaches initiated from a social networking site. There is a requirement for creating awareness between employees by developing policies and procedures related to the attacks associated with social engineering sites along with coping up these attacks. There is a requirement of identifying critica l information systems within the organization. All the users must be