Free Essay

Security Management

In:

Submitted By YENI16
Words 825
Pages 4
Employee discipline forms an important aspect in any organization. Whenever misconduct or disciplinary cases occur within an organization it is vital to conduct disciplinary investigation in order to obtain the necessary facts of the case. The essay therefore explores the importance of conducting disciplinary investigations within an organization. Employee discipline is a difficult experience that managers and supervisors encounter in the day to day activities within an organization. Before any disciplinary action is taken against an employee for alleged breach investigations should be conducted. The major purposes of conducting an investigation include establishing the rules or regulations that are purported to have been breached by the employee.
Investigations aim at obtaining evident that will be relevant to the allegations being made.
The evidence may be in form of facts surrounding the alleged breach of the rules or regulations. The facts may be obtained from witnesses that are involved in the occurrences of the breach of the organization’s rules and regulations (Alexander, 2000).
Another main purpose of conducting disciplinary investigations in regards to employees in an organization is to obtain the employees version of the events concerning the alleged breach. This will encompass the reasons for the misconduct if the case is not

disputed by an employee. While obtaining employee version of the facts the employee should be made aware of the allegations that are being leveled against them and the source of evidence if any that the organization relies on (Colaprete, 2007).
Within large organizations that has several departments the responsibility of conducting a disciplinary investigation in a particular department within the organization.
Within these organizations the immediate employee’s manager may engage an investigatory manager who is perceived as not being directly involved with the case in order to investigate the particulars of the case. In many cases a member of the human reason team may be considered to offer assistance so as to ensure that the matter is handled impartially, rationally and in agreement with the current legislation of the organization (Alexander, 2000).
In other cases, the direct manager may act as an investigation officer in regards to the employee misconduct. The direct manager may be required to conduct disciplinary investigations in situations where the cases are generally straightforward or fall within the jurisdiction of the direct manager. In such cases the direct manger is believed to be in a better placed position to conduct such disciplinary investigations on employees that he directly supervises
In general terms a complaint can be defined as an official written accusation that is usually signed by the complainant or a manager receiving a verbal grievance while declaring the complainant accusations. The types of complaints that should be investigated are those that may warrant a negative image of the organization and an eventual loss of trust form its customers and clients. These are complaints that are

considered as being serious and a violation to the organization’s code of conducts and rules and regulations that govern employees within a particular organization (Cushway,
2012).
These complaints may range from general and gross misconduct. These complaints should be investigated as soon as they occur or whenever they are reported.
The complainants may be reported by clients of an organization in form of a manger of another company or the direct managers may be in a position to point out such misconduct whenever they occur. The complaints should be investigated as soon as possible in order to avoid losing evidence in the cases. It is also important for such complaints to be addressed earlier so as to determine the next course of action that an organization may undertake (Colaprete, 2007).
Investigatory interviews form part of the process that is engaged in establishing if a disciplinary action should be taken against an employee or not. It is therefore important that as part of the investigations the employee whom allegations of misconduct have been made against be required to attend an investigatory interview. In an investigatory interview an employee is obligated to notify the investigating manager of any facts that an employee views as being relevant to the case being investigated. In cases where an employee has witnesses the witnesses may also be called upon and interviewed. There are several outcomes of the investigation process for instance the employee may be found guilty of the allegation, the matter may be solved in an informal manner for instance through training or recommendations that the case goes through a disciplinary hearing
(Cushway, 2012).

Conclusion
Finally, the disciplinary investigations form a crucial aspect in employee discipline within an organization. It is through disciplinary investigations that facts may be obtained and therefore the eventual disciplinary action meted on the concerned employee. References
Alexander, M. (2000). Employee performance and discipline problems: a new approach.
IRC

Press.

Colaprete A. (2007). Internal Investigation: A Practitioner's Approach. Charles C Thomas
Publisher.
Cushway, B. (2012). The Employer's Handbook 2012-13: An Essential Guide to
Employment Law, Personnel Policies and Procedures. Kogan Page Publishers.

Similar Documents

Free Essay

Security Management

...Security and Management week 1 conference 1 Since 9/11 security has moved from the periphery to the center, with the Government, Private Organizations, and individual citizens placing more emphasis on the need for Security. Security services today are sophisticated and complex it involves the use of criminal and civil law, investigations, policy formulation, psychology, and sociology just to name a few. The most important purpose of security is that of guardian and protector (ortemeir 2013 pg. 4). Ortemeir states that large facilities can utilize security personnel, instead of mailroom staff, to provide internal mail and delivery services, thus increasing value to the organization by cutting delivery costs, while increasing patrol activity. In an organizational sense security is a function and responsibility that is throughout the operation of all public agencies and private institutions. (Ortemeir 2013 pg. 4-5) The roles of public law enforcement are to keep the peace, maintain order, police public property, and respond to and investigate reported crimes on public, and private property, the public police have no authority to enforce a private organizations policies and procedures. Some of the benefits of Law enforcement, and Security partnerships for example include Law enforcement can prepare private security to assist in emergencies, obtain free training, and services, reduce the numbers of calls for service. Security services providers can gain information from law...

Words: 258 - Pages: 2

Premium Essay

Security Management Plan

...IT 454 Security Management Plan Marshall Miller December 20, 2015 Table of Contents Section 1: Information Security Management 4 Intro to Organization 4 People 4 Physical Security 4 Training of Security 4 Information Technology Training 4 Technology 5 Project Manager Roles 5 Section 2: Security Program 6 Data Classification 6 Management Support 7 Hierarchy Reporting Structure 8 8 Section 3: Security Policies 10 Acceptable Use Policy 10 1. Overview 10 2. Purpose 10 3. Scope 11 4. Policy 11 5. Enforcement 13 6. Definitions 13 7. Implementation Date 13 Section 4: Security Policies 14 Risk Assessment 14 Quantitative Risk Analysis 14 Quantitative Risk Analysis 14 Methodologies 15 1. Transfer 15 2. Avoid 15 3. Reduce 15 4. Accept 16 Summary 16 Section 5: Controlling Risk 17 Administrative 17 Human Resources 17 Organizational Structure 17 Security Policies 18 Technical 18 Access Control 18 System Architecture 18 System Configuration 18 Physical 19 Heating and Air Conditioning 19 Fire 19 Flood 19 Summary 19 Bibliography 20 Section 1: Information Security Management Intro to Organization My organization is about a federally recognized business called JPPSO (Joint Personnel Property Shipment Office). JPPSO specializes in the shipping of military personnel goods. JPPSO works hand in hand with the United States Air Force to enforce the safe shipping of military household goods...

Words: 2755 - Pages: 12

Premium Essay

Management of Information Security

...Review Questions for Chapter 7 – Security Management Practices Read Chapter 7 in the text, Study the Power Point Presentation and answer these Review Questions 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. What is benchmarking? What is the standard of due care? How does it relate to due diligence? What is a recommended security practice? What is a good source for finding such best practices? What is a gold standard in information security practices? Where can you find published criteria for it? When selecting recommended practices, what criteria should you use? When choosing recommended practices, what limitations should you keep in mind? What is baselining? How does it differ from benchmarking? What are the NIST-recommended documents that support the process of baselining? What is a performance measure in the context of information security management? What types of measures are used for information security management measurement programs? According to Dr. Kovacich, what are the critical questions to be kept in mind when developing a measurements program? What factors are critical to the success of an information security performance program? What is a performance target, and how is it used in establishing a measurement program? Answer: Performance targets are values assigned to specific metrics that indicate acceptable levels of performance. They make it possible to define success in the security program. 14. 15. List and describe the fields found in a properly and fully...

Words: 1387 - Pages: 6

Premium Essay

Security Management

...TABLE OF CONTENTS A. Four Functions of Management 1 1. Planning 2 Planning Terminology 3 Vision 3 Mission 3 Objective 3 Goals 3 Strategic Planning 4 2. Organizing 4 Organizational Structure 5 Division of Labor 5 Delegation of Authority 6 Departmentation 7 Informal Structure 8 Leading 8 Staffing 9 Staffing Success – More than Luck 10 Starting with Self Assessment 10 Know yourself 11 Know your business 11 Know Advantage & Disadvantage of Employment 11 Directing 12 Motivation 13 Removing Barrier of Communications 13 Facilitating Communication 16 Controlling 17 B. Management Plan (Intro) 20 Security Management Plan 22 -oOo- Ils-pwu-2012 Principles of Organization & Management: Four Functions of Management Planning means looking ahead and chalking out future courses of action to be followed. It is a preparatory step. It is a systematic activity which determines when, how and who is going to perform a specific job. Planning is a detailed programme...

Words: 7522 - Pages: 31

Premium Essay

Global and Domestic Security Management

...GM 594: Global and Domestic Security Management Table of Contents I. Introduction i. An example of an international company ii. Introduction to the subject of the paper II. Background i. Geographical location ii. History and its consequences of on this region iii. Current financial and economical situation III. Differences in the cultures i. Common ways of doing business ii. Understanding the culture and traditions IV. Security issues i. Benefits of establishing a business in this region ii. Business security issues facing an organization iii. Adverse effects on an organization V. Recommendations on reducing the risk i. Protection of assets and information ii. Protection of labor iii. Adhering to the laws and regulations VI. Conclusion VII. Works Cited Business Opportunities in Eastern Europe I. Introduction How safe is it to explore the business markets outside of the USA, particularly in the undeveloped markets? A good example of a company willing to take the risk to discover new business opportunities in such economic markets is the Coca Cola Company. Its early recognition of the global demand for their products led them to explore investing in the yet unexplored, and politically and economically challenged markets including the markets in the region of Eastern Europe. In the early 1990s, after some significant political and economical changes in this region, the...

Words: 4049 - Pages: 17

Premium Essay

Computer Security Management

...CSE 4482 Computer Security Management: Assessment and Forensics Introduction to Information Security Instructor: N. Vlajic, Fall 2010 Learning Objectives Upon completion of this material, you should be able to: • Define key terms and critical concepts of information security. List the key challenges of information security, and key protection layers. Describe the CNSS security model (McCumber Cube). Be able to differentiate between threats and attacks to information. Identify today’s most common threats and attacks against information. • • • • Introduction “In the last 20 years, technology has permeated every facet of the business environment. The business place is no longer static – it moves whenever employees travel from office to office, from office to home, from city to city. Since business have become more fluid, …, information security is no longer the sole responsibility of a small dedicated group of professionals, …, it is now the responsibility of every employee, especially managers.” http://www.businessandleadership.com/fs/img/news/200811/378x/business-traveller.jpg http://www.businessandleadership.com/fs/img/news/200811/378x/businesshttp://www.koolringtones.co.uk/wp-content/uploads/2010/01/mobile-phones.jpg http://www.koolringtones.co.uk/wp- content/uploads/2010/01/mobile- Information Technology • Information Technology – enables storage and transportation of information from one business unit to another in many organizations...

Words: 4051 - Pages: 17

Premium Essay

“Economics of It Security Management”

...of IT Security Management” 1) The article questions the loss estimate obtained from CSI/FBI security surveys since they exclude some categories of costs associated with security breaches. It suggests that cost estimate based on the loss in capital markets as a result of a breach in security may be a proxy to estimate true cost of security breaches. a. What do you think about the quality of this cost estimate? Can you think of better ways to capture true cost of security breaches? Although I can see the benefit to utilizing capital market losses as a basis for estimating the true costs of a security breach because it attempts to capture the intangible costs of a breach, there is a great deal of uncertainty in the market and market share may go up or down as much based on the public perception of company’s ability to handle the situation as the damage done by the event itself. Additionally, the marketplace is often affected, in the long term by a multitude of indirect factors that skew the data; the price of fuel, socio-economic instability or new laws/regulations in parts of the world where they have warehouses or production facilities, natural disasters etc. Furthermore capital market changes only capture the effects of those security breaches that are publicly reported. Privately held companies are not subject to many of the laws and regulations that compel larger businesses to self-report and even when companies are required by law, to report security breaches...

Words: 2740 - Pages: 11

Premium Essay

Security Management Literature Review

...long time, university-managements have put much investment in IT security appliances towards improving system security, (Bichanga & Obara, (2014). Despite continued investment in IT security, there is increased frequency at which security of university information systems are getting breached thus compromising productivity and security of information systems that support teaching, learning, administrative and research activities, (Vacca, 2012). Research studies indicate that to ensure better IT security management, a reliable way of determining security status need to be considered besides heavy investment in security appliances, (Mong'ira, 2011). This is supported by Broadbent (2007),...

Words: 962 - Pages: 4

Premium Essay

Security Risk Management Plan

...SECURITY RISK MANAGEMENT PLAN Prepared by Jeremy Davis Version control Project title | Security Risk Management Plan Draft | Author | Jeremy Davis | VC | 1.0 | Date | 25/10/10 | Contents Executive summary 4 Project purpose 5 Scope of Risk management 5 Context and background 5 Assumptions 5 Constraints 5 Legislation/Standards/Policies 6 Risk management 6 Identification of risk 7 Analysis of risk 8 Risk Category 9 Review of Matrix 9 Action plan 9 Testing Procedures 11 Maintenance 11 Scheduling 11 Implementation 12 Training 12 Milestones 12 Monitoring and review 13 Definition 13 Authorisation 14 Reference 15 Executive summary A Security Risk Management Plan (SRMP) helps CBS by providing specific guidelines and rules to ensure risk management is considered and included. It provides guidelines for its implementation that can minimise the threats by planning, policies, processes and procedures that can help your business get everything back to normal as soon as possible. This SRMP was designed for the guidelines for its implementation of risk management in CBS and in its operations in order to ensure its security and safety of its staff and assets. Throughout this SRMP it identifies threats, procedures, policies, responsible person and etc which will provide you and your staff information to prepare you with the worst disaster event. Every business these days has a SRMP in case of any events which may occur,...

Words: 2028 - Pages: 9

Premium Essay

Security Management in Noi Bai Airport

...I. Overview of Air Cargo Security Management 1. General Air Cargo Security Situation Today, aviation is one of the world’s most important business. The growth of the industry over the past decades has made it one of the biggest contributor to the expansion of global economy. Therefore, an emphasis on airline security is undoubtedly important. Logistics security is not only contingent on safe passage and avoidance of hazards, but also assurance that goods have not been tampered with and kept secure. There are several security threats such as Terrorism, Organised Crime and Cargo Theft, Hijacking and Piracy, Drug/human smuggling, Illegal weapons, Counterfeit goods, Illegal exports of licensed materials/technology For instance, transnational criminal organizations use the aviation system to transport contraband and, increasingly, people across the globe. Cocaine smugglers have used the FedEx air delivery system to transport their products across the United States, and narcotics smugglers from Guyana have used U.S Mail pouches to smuggle millions of dollars worth of cocaine into the United States through JFK. Hijackings were the most popular tactic for many individuals. Between 1967 and 2004 there were nearly 1000 airline hijackings. It is estimated that approximately 85 percent were carried out for political purposes. The rest were conducted by terrorists. The international civil aviation regime began to respond to the menace, deploying the so-called X-ray machines, for example...

Words: 1339 - Pages: 6

Premium Essay

Maximum Security in Database Management

...Maximum Security in Database Management Maximum Security in Database Management Rackspace Introduction In the current world there people and organization experience un-eventualities and risk of their confidential information. My organization, Rackspace, is a hosting and cloud system organization. For this company it is vital that information is stored in data bases that are run by organizations, locally hosted on personal computers. Intruders can access this information if it is not properly secured. Therefore the purpose of this study is to inform about the current savvy technologies that can be applied to completely thwart intruders from accessing such delicate information within Rackspace. Part 1: Project Identification and Business Environment For this project to go on in a smooth and effective manner different individuals must carry on certain specified task. For Rackspace, this means that every person must hold on to a responsibility to properly and pursue it to the end. Some of the responsibilities are interdepended and other are depended. In case of an interdependent responsibility there will be a proper communicated channel of events that will ensure that information is traversed from one source to another to smoothen up events. Therefore, the following a list of responsible individuals who will implement the process of securing the database of an organization. Company Chief Executive Officer Responsible for overseeing the success of...

Words: 3927 - Pages: 16

Premium Essay

Security Risk Management

...Security Risk Management Plan Sydney Head Office 175 Sydney Rd Sydney NSW 2000 DOCUMENT VERSION CONTROL Document Name: | Amalgamation of GSC | Version Number: | 0.1 | Date: | 18 July 2016 | Reviewed By: | | Authorised By: | | CHANGE HISTORY Version | Issue Date | Author | Reason for Change | 0.1 | 20.05 | ABCELLO | Original Document | | | | | | | | | | | | | | | | | | | | | | | | | DISTRIBUTION LIST Copy No | Name | Location | 1. | Master | Project Office | 2. | <Project Manager> | | 3. | <Project Sponsor> | | 4. | <Executive Sponsor> | | 5. | | | | | | | | | | | | | | | CONTENTS INTRODUCTION | 4 | | | SCOPE OF WORKS | 4 | DISCLAIMER AND LIMITATIONS | 4 | | | METHODOLOGY | 4 | | | STRATEGIC CONTENT | 4 | STAKEHOLDER LIST | 5 | RISK MANAGEMENT CONTEXT | 5 | THE RISK MANAGEMENT PROCESS | 6 | | | ANALYSIS OF SECURITY RISK | 7 | TREATMENT OPTIONS | 7 | | | SOURCES OF EVENT RISK | 8 | | | RISK IMPLEMENTATION/RISK IDENTIFICATION | 9 | | | RISK ASSESSMENT SUMMARY | 9 | RISK 1 - Operational | 10 | RISK 2 - Strategic | 10 | RISK 3 - Human / Animal Resources | 11 | RISK 4 - Systems | 11 | RISK 5 - Financial | 12 | RISK 6 - Legal | 12 | | | RISK ASSESSMENT TABLES & CONSEQUENCE | 13 -18 | STAKEHOLDERS SIGN OFF | 19 | BIBLIOGRAPHY | 20 | | | INTRODUCTION ...

Words: 3116 - Pages: 13

Premium Essay

: It Security and Disaster Recovery Management

...IT Security and Disaster Recovery Management Dr. Kenneth Phillips August 26, 2013 Introduction The Malcolm Baldrige National Quality has evolved from a means of recognizing and promoting exemplary quality management practices to a comprehensive framework for world class performance, widely used as a model for improvement. As such, its underlying theoretical framework is of critical importance, since the relationships it portrays convey a message about the route to competitiveness. This paper will compare how two schools us the support related to the validity of the Baldrige framework by examining both schools plans at the level of its theoretical constructs. By moving beyond the specific criteria, I seek to examine it in a larger context, how these schools and business in general can use it for strategic planning. Baldrige and Plans The Baldrige literature has been influential in providing guidance for achieving performance excellence in businesses. The Malcolm Baldrige National Quality Improvement, which embodies many elements from UC Berkeley and UC Boulder strategic IT plans, offers a framework for implementing a set of high-performance management practices, including customer orientation, business process management, and fact-based management. This framework points to the interconnections between information and analysis, process management, customer management, and performance management and acknowledges that the management of...

Words: 996 - Pages: 4

Premium Essay

Security and Risk Management

...can no longer be managed on an ad hoc basis, but should be sewn into the fabric of corporate management. In other words, an organization will not be able to make strategic choices to maximise performance without having a clear understanding of the risk it faces. People make risk decisions at all levels in an organization, ranging from individual responsibilities to collective decisions made at Board level. Allowing individuals too much autonomy within an organisation can have disastrous consequences. Consequently, compliance and adherence to regulations is important to all risk management programmes, which in turn have focused organisations on corporate governance as a form of management control. Risk analysis helps put in place checks and procedures that reduce the chance of negative outcomes. In relation to the risk management situation, we can always relate to Nick Leeson's case, who had lost Baring’s Bank $1.3 billion on trading derivatives, destroying Barings and its reputation within a short period of time. Inter-related Crisis and Risk management Crisis and Risk management are two different types of management control. Crisis Management is the term that describes a process, or collection of processes that are put in place to handle an unexpected event that threatens to harm an organization, a business, an operation or an individual or group of people. Crisis management often requires decisions to be made within a short time frame, and...

Words: 1044 - Pages: 5

Premium Essay

Risk Management Security

...Project Part 1 Task 2 Risk Management Plan Alen Kovacevic C. Wyrick IS3110 January 29, 2013 Purpose The Senior Management of the Defense Logistics Information Services (DLIS) has decided to update the previous risk management plan with a developing, new risk management plan. This new risk management plan will not only minimize the amount of risk for future endeavors, but will also be in compliance with regulations such as the Federal Information Security Management Act (FISMA), Department of Defense (DOD), Department of Homeland Security (DHS), National Institute of Standards and Technology (NIST), Control Objects for Information and Technology (COBIT), and Information Assurance Certification and Accreditation Process (DAICAP). Scope The risk management plan is for the organization use only and its network, including remote access company owned building in United States. Outside sources from this scope and risk management plan may cause the network infrastructure to fail or will make it a high risk structure due to the fact that the outside source may not protected to interact with other outside sources allowing hackers to infiltrate your system and steal important files. Compliances Federal Information Security Management Act (FISMA) compliance is required for federal agencies to protect their important information. Department of Homeland Security (DHS) compliance is to be required for protection to the United States against terrorists. There are other organizations...

Words: 1365 - Pages: 6