StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...

Information Security Policy - Essay Example

Comments (0) Cite this document
Summary
The purpose of the Information Security Policy is to safeguard the Information Technology based assets of Strega Oil and Gas Company from all threats whether internal, external, deliberate or accidental.
This Information Security policy of Strega Oil and Gas aims at protecting all the systems of the company belonging to the Information Technology infrastructure…
Download full paperFile format: .doc, available for editing
GRAB THE BEST PAPER93.1% of users find it useful
Information Security Policy
Read TextPreview

Extract of sample "Information Security Policy"

Download file to see previous pages Regular updates and standards will be provided to support the policy.
The Head of Information Compliance & Policy has direct responsibility for maintaining the policy and providing advice and guidance on its implementation.
Managers are directly responsible for adherence to and implementation of the policy within their business domains and also to the adherence by their staff.
Signed: ______________________
Title: ______________________ Date: ___________________
Introduction
This Information Security policy of Strega Oil and Gas aims at protecting all the systems of the company belonging to the Information Technology infrastructure. The protection is needed from any activity that may jeopardise the successful operations of the company. These harmful activities may be a result of an unintentional threat such as a natural calamity or a deliberate attempt by a member of the company or an outsider to cause any harm. The following sections will include a brief on Strega Oil and Gas Company and the need and use of the Information Security Policy.
A Brief on the Company
Strega Oil and Gas is a privately owned company with its exposure in production and retailing of Natural Oil and Gas. The company's central Head Office is located at Deep Park, Texas. Apart from having a production centre at Deep Park, the company also has a unit at Baton Rouge, Los Angeles. The company is operating for over 10 years, and it is now a mid size industrial company with a workforce of 1500 employees. Being a massively successful and profit making company, for the previous year ended 2005 - 2006, Strega recorded revenue of 15m $. Information Technology acts as a corner stone of the...
The following sections will include a brief on Strega Oil and Gas Company and the need and use of the Information Security Policy.
Strega Oil and Gas is a privately owned company with its exposure in production and retailing of Natural Oil and Gas. The company's central Head Office is located at Deep Park, Texas. Apart from having a production centre at Deep Park, the company also has a unit at Baton Rouge, Los Angeles. The company is operating for over 10 years, and it is now a mid size industrial company with a workforce of 1500 employees. Being a massively successful and profit making company, for the previous year ended 2005 - 2006, Strega recorded revenue of 15m $. Information Technology acts as a corner stone of the company's success. The company relies heavily of latest computing systems, networking equipments, databases and ancillaries. All internal operations of the company and communicated via intranet. The company conducts business with third party companies such as its suppliers and agents over the extranet. The company is also involved in E Commerce over the public Internet. This policy aims at providing measures to secure all the IT assets of the company from technological and physical threats.
Strega Oil and Gas Company will seek to ensure all three aspects of a secure IT infrastructure viz. ...Download file to see next pagesRead More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Information Security Policy Essay Example | Topics and Well Written Essays - 9750 words”, n.d.)
Information Security Policy Essay Example | Topics and Well Written Essays - 9750 words. Retrieved from https://studentshare.org/miscellaneous/1530764-information-security-policy
(Information Security Policy Essay Example | Topics and Well Written Essays - 9750 Words)
Information Security Policy Essay Example | Topics and Well Written Essays - 9750 Words. https://studentshare.org/miscellaneous/1530764-information-security-policy.
“Information Security Policy Essay Example | Topics and Well Written Essays - 9750 Words”, n.d. https://studentshare.org/miscellaneous/1530764-information-security-policy.
  • Cited: 0 times
Comments (0)
Click to create a comment or rate a document

CHECK THESE SAMPLES OF Information Security Policy

Information security policy

...policy is not possible, however, to cover all aspects related to information security, a set of information security policy document focusing on different group of employees within the organization is more suitable. This paper will discuss different factors that must be taken in to account when constructing and maintaining an information security policy. However, there are many methods available for constructing an information security policy, the initial step before adopting any one of the methods is to identify the current maturity...
10 Pages(2500 words)Essay

Information Security Policy Document (ISPD)

...of protecting information security, three fundamental factors must be considered to make use of digitized information in an effective manner i.e. Confidentiality, Integrity and Availability. As there is a requirement of protecting this digital information internally and externally, policy is a control that provides necessary steps, procedures and processes to protect information. These are also considered as high level statements derived from the board of the organization. “Information security policy is therefore considered an essential tool for information...
9 Pages(2250 words)Assignment

Confidentiality, Integrity and Availability Triangle, Information Security Policy

... (Whitman and Herbert 1-250). 2. DESCRIBE AN INFORMATION SECURITY POLICY. EXPLAIN WHY IT IS CRITICAL TO THE SUCCESS OF AN INFORMATION SECURITY PROGRAM Information security policies are certain documented business rules and regulations that are implemented for the sole purpose of storing and protecting information in an appropriate manner. These policies largely emphasize an appropriate plan or a course of action in matters pertaining to information technology and its use. It is also considered to be a very essential foundation in the implementation of an information security programme. Information security policies play a vital role in the process of information flow as well as the process of securing of information. These policies...
10 Pages(2500 words)Assignment

Information Security Policy for E-government in Saudi Arabia: Effectiveness, Vulnerabilities, and Threats

...? Information Security Policy for E-government in Saudi Arabia: Effectiveness, Vulnerabilities, and Threats This paper presents a case study for the adoption of e-government in Saudi Arabia where various organizations are studied. The study uses qualitative methods approach where interviews are conducted to various people in various capacities. Literature review also focuses on the scope of e-government adoption in Saudi Arabia and the vulnerabilities of this system of governance. Empirical results demonstrate the e-government application has lots of benefits but it prone to attack from various sources. Introduction Most governments in their attempts to advance their service delivery to the people apply the information and communication...
10 Pages(2500 words)Research Proposal

Information Security

... to be struck. Commenting on a study carried out by the GAO, the National Institute of Standards and Technology established a viable framework for promoting good practices for information security programs; this framework deals with risk assessment, the taking steps to reduce risk, and the creation of a central management group devoted to these risk management functions. This section will address good practices as they pertain to risk assessment and tailoring an information security policy to organizational goals and to remain cost-effective. The essence of an effective risk assessment procedure is not to assume that every conceivable risk can be planned for, but instead to identify steps to reduce the treat of potential risks to levels...
4 Pages(1000 words)Essay

Information Security

Based on the nature of the information, we can classify information into two board categories; private and public. Public information are open to anybody since it may not cause any harm to the public and hence it is not necessary to protect it whereas private information are intended for a specific group of people and hence it should be protected from unauthorized use. Private information can be manipulated, modified or misused in many ways for personal gains and such manipulations may cause immense problems to others and hence it is necessary to protect it from unauthorized use.
Most of the current organizations store their information on computers. Staff details, client lists, salaries, bank account details, marketing and sa...
6 Pages(1500 words)Term Paper

Information Security Policy: Development Guide for Large and Small Companies

...Information Security Policy: Development Guide for Large and Small Companies Information security laws and practices involve the ways of ensuring that organizations protect and manages their information, that is, in a confidential and safe manner, in order to prevent it from getting lost or being distorted for the purpose of achieving laid goals. The government, organizations and businesses should be careful in the way they disseminate or disclose information. These include practices such as preventing any unauthorized personnel from such delicate sources, use or alteration of information. Businesses, the government and organizations should establish appropriate policies. These include a number of set procedures or rules concerning...
2 Pages(500 words)Case Study

The Role of Information Security Policy

...The Role of Information Security Policy Information is the strategic asset in an organization since it contains all the crucial planning in their running. Information systems security policies are the central repository that protects the assets of an organization by addressing threats. This has made many organizations to prioritize in developing information security policies to avoid damages. Therefore, an Information Systems Security strategy ensures effective procedures as well as assists for information security across the whole organization. The size and nature of firm normally influences the sophistication and scope of a security policy. Regardless of all these, the essence for a security policy on information systems...
4 Pages(1000 words)Essay

Public Privacy and Information Security Policy

... to come out of the distress and resume normal living. International Policy Change: While the Geneva Conventions govern a huge amount of wartime decisions and punishments between two countries, US has used an immediate punishment protocol that uses third degree torture to extract information from doubtful people right from the start. This approach is not welcome in domestic grounds, but helps in regulating problems like extremism and terrorism that is intrinsic to the country (Beard, 2007, 45). In short, if there is a certain amount of finesse and accuracy brought into the system, the Homeland and National Security departments set a good example of heightened security within a country. These can be followed by countries all over the world...
13 Pages(3250 words)Research Paper

The Relationship Between Security, Risk and Health in a Large Organisation

... of supportive elements which can lead also to the community in interests. The above issues are clearer in the case of Shell in Nigeria. The response of the firm’s security manager to the challenges set by the firm’s environment – especially the external environment – has been immediate. However, the effectiveness of the policies developed can be doubted – the lack of support of these policies by the firm’s employees can be considered as the main reason for this outcome. On the other hand, the sector in which the firm operates – petrochemical sector – is quite challenging; firms in this sector need to develop extremely complex policies in order to keep their premises and information safe; in any case, the support of the state...
9 Pages(2250 words)Coursework

Contemporary Issues in World of Politics Climate Change Policy

It is more than a particular problem of any specific community. In fact, climate change has a wider global nature compared to other environmental issues and it affects the people of every nation and boundary. Therefore, the issue of climate change has a far wider reach than the other environmental issues and it is an issue concerned with almost all the international communities. It is identifiable that national boundaries may attempt to prevent the movement of people and goods across the boundaries of the nation. However, when it comes to pertinent environmental issues such as climate change, these issues do not stop at borders, making them – some would argue – quintessentially global phenomena. “Climate change i...
6 Pages(1500 words)Case Study

Information Security Management

Security is a group of activities that include the policies, measures, and actions which are utilized to stop unlawful access or alteration, theft, and physical damage to information or computer. Security can be supported by an assortment of techniques and tools to safeguard computer hardware, software communications networks, and data (Laudon & Laudon, 1999, p. 502). In the modern age of information technology, there are many threats happened for organizational information. We need a security model that has the ability to manage and secure our information reserves. Technical administrative safety /security measures like security plans, actions and techniques are the main practices for the organizational information security m...
10 Pages(2500 words)Research Paper

Information Security Policy of Organization

In the modern age of information technology, there are many threats created for organizational information. Organizations need a security model that has the capability to handle and secure our information reserves. Technical administrative safety /security measures like security plans, actions and procedures are the general practices for the organizational information security procedures. The attentiveness of producing actions is concerned by the organizations to an appreciably smaller level, on the other hand at the same time these are weighed up as being further efficient organizational actions than technical administrative ones. Information security encompasses organizational features, officially authorized aspects, institution...
6 Pages(1500 words)Research Paper

International Security Studies: Examination

Globalization affects international security in the sense that problems involving terrorism, the environment, religious extremism, weapons of mass destruction, and the economic crises have become more universal and widespread in character (Ivanov “Article”). As a result, these issues pose a greater threat to national and international stability and safety. More lives are now affected by threats to international security; these threats did not seem too ominous before the entry of globalization. Consequently, some extremists justify the use of mass weapons of destruction in order to guarantee their security. And as globalization continues to expand and to grow bigger as a phenomenon, threats to international security are...
7 Pages(1750 words)Assignment

Role of the Police and Private Security

... than thirty thousand staff employed by the agency and they obtain a federal grant of more than six billion per year. The Agency began its operations in 1908 when the policy makers of the nation felt that a new agency was needed to provide security to a quickly expanding nation and economy. New cities and towns were coming into existence and new territories were beginning to be occupied. As is expected this also brought about an increase in criminal activity resulting in the need for a national agency. Their motto is Fidelity, Bravery, and Integrity which is also an expanded acronym for the word FBI. The present director and chief of the agency is Robert S. Mueller III, who took charge in 2001. The official website of the agency is also...
8 Pages(2000 words)Case Study

Business Information Systems

.... This organizational management of Club IT project will provide a better system management and handing. The implementation of new management system will provide: Better organizational management Better information handling Centralized information retrial Identical data format Better online information access Enhanced data security Establishment of Quality of Services (QoS) Gaining better competitive edge Performance enhancement Better inter-departmental communication Enhanced customer management Fast order processing Assessment of Needs In this high competition and complex business management world Club IT requires extensive assistance from the powerful business management systems. These business management systems and enterprise...
8 Pages(2000 words)Case Study

UK Employment Policy

Analysts explain that this situation is not simply because citizens don’t want to exercise this fundamental right, but largely because of the continued failure of the governments to institute an effective implementation of employment policies put in place (Howell, 2005). It has clearly been demonstrated by Mathew (2006) that the United Kingdom government has shown a lot of unwillingness in tackling the reported unemployment crisis.

Available research findings reveal that there are high unemployment rates among UK born ethnic minorities which show great diversities. According to a 2001 report, it is shown that unemployment rates amongst UK born men and women from black, Bangladeshi and Pakistani ethnic groups were...
9 Pages(2250 words)Case Study

Money Policy versus Credit Market

Financial institutions generally engage in securitization to enhance their profits by trading in the collateralized backed securities that generate high yield returns to the financiers. This nevertheless inversely and negatively affected the credit markets as their efforts to enhance their liquidity positions backfired. Consequently, the import of these monetary strategies has generated cyclical effects on the monetary system to the detriment of the financial system.

Normally, money markets demonstrate a more efficient allocation of credit whenever additional liquidity is injected into the system, which would otherwise display some undesirable distortions. Ultimately, the liquidity market is not easily susceptible to ex...
6 Pages(1500 words)Case Study

European Union Policy: Turkey

..., a viable market economy and the capacity of the Nation to abide by the policies of the European Union. The Commission screens the suitability of the country in the light of 35”chapters” like food safety, agriculture, energy and transport policies, foreign and security policies etc. Before the negotiations begin, the country may be asked to fulfill certain benchmarks, and the procedure varies depending on the merit of the applying country. The country must indicate a time-line for the implementation of the EU policies and processes. “When all negotiations are complete to the unanimous satisfaction of the member countries, a Draft Accession Treaty is compiled and submitted to the Council, Commission, Parliament and member countries...
9 Pages(2250 words)Case Study

Global Employee Information and Consultation: Replicating the European Model

A significant step to enhancing the employees’ right to information and consultation is the establishment of the European Works Council (EWC). The EWC Directive (94/45/EC) aims to improve cooperation in transnational companies and to allow trade unions to influence, at least indirectly, the decision-making of corporations (Lockwood and Williams). It requires community-scale undertakings and community-scale groups of undertaking to create this mechanism for regular consultation of the workforce. A ‘community-scale undertaking’ is one with at least 1,000 employees within the Member States and at least 150 employees in each of at least two Member States (Lewis and Sargeant).

An EWC is a forum that would a...
9 Pages(2250 words)Coursework
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.

Let us find you another Essay on topic Information Security Policy for FREE!

Contact Us