Return to Secure Policies
Real World Problem Cases Caused By Missing Policies


Does Your Organization Need Information Security Policies?

A "Yes" answer to any one of the following questions indicates that your organization is vulnerable to potential security incidents and needs security policies in place BEFORE they occur.

1. Do workers at your organization handle information that is confidential, proprietary, or private?
Policies are needed to inform these workers of their information protection duties, to tell them what they can and cannot do with respect to this sensitive information.

2. Do the workers at your organization access the Internet?
Policies are needed to define how they are permitted to represent the organization, what they may disclose publicly, and how they may use organizational computer resources for personal purposes.

3. Does your organization have trade secrets?
Policies are needed to clearly define protective measures for these special information assets. The existence of a policy may be a decisive factor in a court of law, showing that the organization took steps to protect its intellectual property.

4. Does your organization have any disciplinary problems with respect to the usage of computers or networks?
Policies are needed to define both acceptable and unacceptable behavior. For example, spending a lot of time surfing the web and downloading pornography from the Internet are both generally unacceptable. Policies are needed to establish the basis for disciplinary action, up to and including termination.

5. Does your organization have networking arrangements with more than the telephone company?
Perhaps this third party is an outsourcing firm, perhaps a credit reporting firm to investigate customers who request credit, or perhaps an extranet with suppliers. Because the information systems from these organizations must work together in a coordinated and secure fashion, it is essential that policies define what will or will not be done when it comes to information security.

For a confidential no obligation discussion about whether your organization needs information security policies, please email us at info@tramenco.com.

Return to Secure Policies
Real World Problem Cases Caused By Missing Policies
Continuing Training, Mentoring and Consulting for Technical Professionals. © Copyright 2001-2009. All rights reserved.
   
1-800-421-8031 | Contact Us | Privacy Policy