StudyDaddy Article Writing

Waiting for answer This question has not been answered yet. You can hire a professional tutor to get the answer.

QUESTION

The SAT provides a great way to educate employees and keep the organization’s security policy fresh in their minds. There are different stages involved in this process.Forming Security Team: This is

The SAT provides a great way to educate employees and keep the organization’s security policy fresh in their minds. There are different stages involved in this process.

Forming Security Team: This is the first step to develop the guidelines, policies, and delivery. It’s a great advantage having a specialized team ensure the success of the SAT program. The team size will depend on the organization needs and culture. 

Determine Roles: The organization can provide training personnel at the appropriate levels based on the roles. The idea is to help organizations deliver the right training to the right people. Every organization has different teams and all of them may not require the same training. For example, the network team required more training on security, but the business team or Testing team may not require. So, it's very important to provide SAT based on the role. The manager role required different SAT training than a team member.

              General Security Training:  All personals

              Intermediate Security Training: Managers, Some Specialized Roles

              In-Depth Security Training: Specialized Roles, Higher Management

Passwords: All passwords must contain letters, numerical, capital letters and special characters and length should be more than 15 characters. Also, need to avoid keeping the first name, last name and month names. All the passwords must be changed on monthly basis.

Clean Desk Policy:  Its always better to implement clean desk policy. All the employees should not list the passwords on paper or system. It’s always better to memorize and keep a unique password which is easy for you not others.

Security Audit: It’s one of the most important and needs to perform this task on quarterly. Based on the audit results an organization can update the security guidelines and policies.

References:

1.  Jan Killmeyer. Information Security Architecture: An Integrated Approach to Security in the Organization, Second Edition

2.  https://www.enterprise-cio.com/news/2016/jan/22/importance-security-awareness-training-enterprise-it-governance/

Show more
Files: CIS349Week4AuditFindingsandBusinessProcesses.docx
Related Questions:

Have a similar question?

Continue to edit or attach image(s).

New questions
Homework Categories
LEARN MORE EFFECTIVELY AND GET BETTER GRADES!
Ask a Question