...Information Security for Managers Submitted By: Student Number: Submitted Date: January 22, 2009 Table of Contents 1. Information Security Policy (Word Count = approx. 1000) 3 1.1 Security: 3 1.2 Policy: 3 1.3 Information Security Policy and its importance: 4 1.4 Policies, Procedures, Practices, Guidelines 5 1.5 Example of good policy statement 6 1.6 Possible structure of information security policy documents 7 1.7 Strategies and techniques to implement information security policies 8 2. Developing the Security Program(Word Count = approx. 500) 9 3. Security Management Models and Practices (Word Count = approx. 500) 11 A. ISO/IEC Model 11 B. NIST Security Model 11 C. RFC 2196 11 D. COBIT 11 E. COSO 12 4. List of References: 13 1. Information Security Policy 1.1 Security: Security has been a real issue for this century. Due to the new emerging technology like RFID and wireless devices there have been various issues regarding privacy and security of person and an enterprise. Security can be understood as a condition to protect against unauthorized access. In terms of IT, security can be categorized into application security, computing security, data security, information security, and network security. Source: (Whitman & Mattord 2007, p.5) Even though all of these security fields need to be monitored in an enterprise, for instance in this document we are concerned only with information security. Information security is responsible...
Words: 2401 - Pages: 10
...Security Manager Roles A security manager is one of the most important jobs of any organization. Although the position of security manager may differ from business to business, the main component of the job is to oversee the security operations for that business. Security managers develop and enforce security policies to ensure a safe environment for both employees and visitors. With the different organizations, security managers have key responsibilities that are vital to the daily operations of that organization. To identify the different responsibilities that security managers have in different organizations, we can define the key roles of a security manager for the Transportation Security Administration (TSA) and a security manager for an Information Technology (IT) company. Each of these individuals’ roles is crucial to protecting the security needs of their particular organization in their respective fields. A security manager for the Transportation Security Administration is the individual in charge of security operations at an airport terminal. They are in charge of supervisors, leads, and transportation security officers. They also oversee the daily operations schedule and training schedule to assure optimal security coverage on the screening checkpoints. The duties and roles of a security manager are to manage screening checkpoints, recognize and recommend corrections to improper use of equipment or screening procedures, manage employee performance, coordinate...
Words: 1013 - Pages: 5
...Roles and Responsibilities of Security Manager 1. Crime Prevention and Investigation 2. Responsible for maintaining a secure environment through ensuring the security of the physical hotel plant. 3. Act as liaison between hotel and any governmental agencies such as police, fire and any safety regulatory bodies. 4. Establish and maintain procedures to reduce any internal theft/losses. 5. Establish and maintain procedures for the escort of employees transporting large sums of money. 6. Establish and maintain policy for employee locker control. 7. Establish and maintain policy for spot checks of employees carrying parcels when departing hotel property to ensure only employee personal property is leaving. 8. Establish and maintain systems/procedures to ensure that both regular and irregular patrols of entire complex are completed to maximum potential. 9. Ensure that all reports are completed properly and in a timely manner so as to ensure that all matters are duly communicated and all necessary actions are commenced as soon as required. 10. Coordinate investigation of all acts of crime, or any losses incurred against by guests, patrons, staff, and hotel company in order to determine those responsible and proceed with any necessary prosecution/recovery of losses. 11. Must learn to personally conduct door lock readings, CCTV surveillance equipment, etc., in order to handle sensitive investigations. 12. Maintain control of departmental keys...
Words: 776 - Pages: 4
...Security Manager’s Role 2/8/14 SEC 310 Just as any other role in an organization, you need to set yourself goals and standards for yourself and your company. Without any of these, nothing can get accomplished. If you do not give yourself a bar to reach for, you are basically sitting in a stagnant place. A security manager, just like any other management position, has objectives they must complete. Just as the title says, their main goal is to identify what the assets of the organization are and to form and develop a plan that will protect what is most valuable to their organization. Without any of this, their position would be pointless. This position can cover organizations of all sizes. From a small mom and pop organization to a large corporate worldwide organization, they still have the same goal in mind, and that is to keep the organization’s assets protected. As a security manager there are levels below them that can help to address the issues such as loss prevention officers and a security risk department. The first goal for any organization’s security manager would be to establish an organizational structure. Without the implementation of this then there would be no order of execution for getting tasks done (Ortmeier, P, 2013). Organizing things from the largest task to the smallest task would be a good start. Some of these tasks are going to be repetitive at times, and grouping some of the similar tasks together would be helpful to get things done...
Words: 1159 - Pages: 5
...INTRODUCTION CEO duality happens when the same person occupies both the CEO and chairing the board in a corporation. On the other hand, if different individuals serve in these two pivotal positions, the firm can be said to adopt a separate leadership structure. The fundamental question surrounding CEO duality leadership is whether the chairperson’s position should be filled by the CEO or by a different person (Daily & Dalton, 1997). The all round concern has been whether one person’s positioning at the corporate pivotal positions of CEO and board chairperson weakens corporate governance effectiveness, leading to managerial opportunism and resulting in reduced firm performance (Brickley, Coles, & Jarrell, 1997; Finkelstein & D’Aveni, 1994). From the agency theory perspective, having one individual in charge of both management implementation and control is not consistent with the concept of checks and balances. However, from an organization theory perspective, CEO duality may enhance organizational efficiency in corporate leadership. Most theoretical arguments against the practice of CEO duality leadership have centered on the issue of power concentration on dual CEO (Brockmann, Hoffman, Dawley, & Fornaciari, 2004; Daily & Dalton, 1997). Duality has been described as a concentration of power on the dual CEO, enabling dual CEOs to dominate the board, reducing board effectiveness in monitoring and controlling the management’s performance. CEO duality leadership...
Words: 7682 - Pages: 31
...Case study: Warbings Office Systems Plc Background Warbings Office Systems is small but rapidly growing company, focusing on delivering and supplying office based products to a target market of small businesses in the U.K. and, increasingly, Europe. As the trend for homeworking continues much of their new business is in supplying office materials to individuals working from home. Currently offering some 18,000 different product lines in store and 39,000 via catalogue ordering, it intends to double its product turnover in the next three years by increasing its web-based ordering capabilities. With the marketing strapline ‘you need it we’ve got it’, Warbings aims to make office supply shopping as easy as possible for customers. Priding itself on being a ‘thoroughly modern company with old traditions,’ Warbings has used technology to evolve into a customer-focused business, striving to give each customer a ‘personal service second to none,’ with a variety of different, but easily accessible, ways of ordering and receiving products tailored to their individual needs. The more cynical of their staff occasionally reflect that the customers even dictate the lavatory breaks and bedtimes of the Warbings’ employees. Graffiti on one of the depot walls, that intriguingly reappears every time it is removed, says ‘you need it we bleed it’ and occasionally ‘Wosp stings’. The Warbings CEO is passionate about delivery and customer care and he is convinced that the way in which...
Words: 2614 - Pages: 11
...conducted the first management training workshop for senior administrative officers in the Indian Railways. The aim of the six day workshop was to get the top brass of the Indian Railways to develop competencies and skills that focus on three objectives - developing strategic thinking, developing crossfunctional perspective, and managing complexity and uncertainty in their current roles. The course structure was geared to develop a general manager's perspective - decision making; develop understanding of own department's role within Indian Railways' overall goals; long-term thinking and planning; how to lead change, moving from ideas to implementation; financial evaluation of projects, etc. Participant Sanjay Gehlot, chief commercial manager, passenger services, Eastern Railways said, "This programme gave us a good idea of where we stand and where we are heading for. We acquired a theoretical framework as to what we should be aspiring for." He also pointed out a session that he found particularly interesting . "It was about how in order to have happy customers you must first have happy employees, and that employee orientation is equally important as customer orientation ," he said. The workshop comprised sessions like one on operations and supply chain/IT strategies mentored by Medini Singh, customer focussed marketing strategy by Nirmal Gupta, leadership and change management by S Ramnarayan, and finally a session on strategic thinking and implementation by Atul Nerkar. All...
Words: 553 - Pages: 3
...3500 2200-75-2800100-3500 2200-75-2800100-3500 1640-60-260075-2900 do 1 Production Manager 1 In charge of Production Plant 21900 2 Asst Manager Production Asst Manager Maintenance Asst Manager Quality Control Jr. Manger (Q.A)- A 4 3 1 4 1 5 1 Supervision of Production Activities 14500 do 14500 do 14500 do 10840 6 Jr. Manger (Q.A)- B 1 MSc (Pharmaceutical 1640-60-2600In charge of Quality Chemistry)/ MSc (Micro Biology) with 2 years 75-2900 Assurance experience in the relevant field. do 10840 7 Jr. Manger (Q.C) 2 B.Pharm with 2 years experience OR Msc. In charge of Quality (Chemistry)with 2 years 1640-60-2600Control 75-2900 experience/ BSc (Chemistry) with 5 to 7 years experience in relevent Field do 10840 STAFF/WORKERS:TECHNICAL 750-40-950-50B.Sc. (Chemistry) with D.Pharm 1200-60-1500Industrial DA Production of Drug and minimum 3 years 70-1990-80based on cost experience in Pharmaceutical Formulations 2390-95-2865- of living Index production 110-3415 630-25-755-30Minimum 10th Standard + ITI in 905-35-1080Production of Drug Fitter/ Machinist Trade with 2 40-1360-45years experience in a Formulations 1585-55-1860Pharmaceutical Company 65-2185 Minimum 10th Standard + ITI in 605-20-705-25Production of Drug Fitter/ Machinist Trade with 1 830-30-950-35Formulations year experience in a 1230-40-1430 Pharmaceutical Company 630-25-755-30Minimum 10th Standard + ITI in 905-35-1080Maintenance...
Words: 637 - Pages: 3
...Communication is always a big challenge, but people on both sides need to be very patient. Managers can use process orientation and survey feedbacks to make improvements. Cultural differences factor into this significantly. For example, most people in India have a frame of reference for health and life insurance products, but knowledge of pension plans doesn’t come naturally in a country where pension plans are rare and there is no social security. To enable business to succeed and for people to gain more knowledge and build relationships companies must promote travel, and when possible, have conference calls, meetings, joint projects, and more global work opportunities for employees on both sides. I think the first few years may be a challenge for managers but as the people gain familiarity and knowledge of processes it becomes easy to manage. Although time zone differences, cultural (communication) gaps, and limited opportunities for end-user interaction will always present challenges, working in a global setup would benefit organizations in many ways and would enable to maintain a highly competitive IT unit cost. Research suggests that 70% of remote working relationships fail due to lack of communication and unclear roles and expectations. As such, it is essential for the remote manager to develop clear communication protocols and establish individual goals. At the same time, a remote manager needs to provide effective project management support and ensure ongoing performance...
Words: 319 - Pages: 2
...This hotel is based in Bangkok and was established by local investors 15 years ago and was operated by a Thai general manager since that time. It had 700 employees that time and used to provide good employee benefits, above market rate salaries and job security and bonuses regardless of the hotel performance during that year. This hotel was sold to an American large chain of hotel who wanted to expand its operation in Thailand. The general manager decided to take an early retirement since the acquisition was announced. The new owners kept all old employees and few were transferred to other positions. A new general manager John Becker, an American with 10 years of management experience, was appointed. Becker was a strong believer of empowerment, which increases performance, job satisfaction and employee motivation, and these factors contribute to the hotel profitability and customer experience. The Grand hotel was always profitable since it opened 15 years ago. Management instructions were always followed by the employees and earlier, innovation and creativity was discouraged. Often employees were punished for their mistakes; as a result employees were afraid to take ownership or to try new ideas. Becker has introduced empowerment and has given clear instructions to the managers; he told the managers that employees must be empowered with decision-making authority so that they could use their initiative and judgement to satisfy guests’ needs. However, only serious and complex issues need...
Words: 306 - Pages: 2
...Powers and Duties of Officers and Employees The procedure followed in the decision making process, including channels of supervision and accountability, the norms set for discharge of functions and the rules and regulations held under the control of the organization and used by its employees are detailed below. Shri Raji Philip Chairman-cum-Managing Director The Chairman and Managing Director is the Chief Executive of the Corporation and is responsible to the Board of Directors. He is responsible for all the activities of the Corporation including personnel, financial and commercial management, and corporate planning and project implementation. He is responsible for the effectiveness of the organization in the pursuit of the Company’s goals and objectives and in particular for the performance and supervision of the technical, administrative and day-to-day operations of the Company. The powers exercised by CMD are as per “Delegation of Powers” of CMD in vogue from time to time. Shri A K Bhatia Director (Operations) Director (Operations) is a member of Board of Directors and reports to Chairman and Managing Director. He assists the CMD in all technical matters, in procurement of providing support to the mills for efficient operations, forestry raw material and other major inputs, setting technical parameters and monitoring the operations against the set norms, closely inter-acting with the Chief Executives of the mills on all technical matters including innovation...
Words: 6010 - Pages: 25
...Case study: Warbings Office Systems Plc Background Warbings Office Systems is small but rapidly growing company, focusing on delivering and supplying office based products to a target market of small businesses in the U.K. and, increasingly, Europe. As the trend for homeworking continues much of their new business is in supplying office materials to individuals working from home. Currently offering some 18,000 different product lines in store and 39,000 via catalogue ordering, it intends to double its product turnover in the next three years by increasing its web-based ordering capabilities. With the marketing strapline ‘you need it we’ve got it’, Warbings aims to make office supply shopping as easy as possible for customers. Priding itself on being a ‘thoroughly modern company with old traditions,’ Warbings has used technology to evolve into a customer-focused business, striving to give each customer a ‘personal service second to none,’ with a variety of different, but easily accessible, ways of ordering and receiving products tailored to their individual needs. The more cynical of their staff occasionally reflect that the customers even dictate the lavatory breaks and bedtimes of the Warbings’ employees. Graffiti on one of the depot walls, that intriguingly reappears every time it is removed, says ‘you need it we bleed it’ and occasionally ‘Wosp stings’. The Warbings CEO is passionate about delivery and customer care and he is convinced that the way in which...
Words: 2640 - Pages: 11
...about various technologies and the efficiency achieved by computer systems and would welcome advice on the acquisition of hardware, software and network items to augment her existing systems in order to meet the company’s growing needs. The company has a budget of £100,000 for this project. The company currently consists of the following departments (all located in the same open space office): The sales Manager who is responsible for dealing with Maritime companies. She is assisted by a sales assistant, equipped with a laptop but with no ability to access the web. This department is currently the only one with a connection to the Internet and with access to the company’s common email. The General Manager who is responsible for the general operation of the company. She trades with suppliers all over the world in order to ensure the best prices of goods for the company’s Maritime shipping clients. For client communication, she uses plain telephone services and a fax machine. She keeps all the clients’ invoices in an Excel file that has no access to the web or any backup devices. The manager recently hired an assistant who was given a modern laptop, but again with no ability to access the web. The company recently obtained funding to expand its operations. They will soon start hiring more people, and expand in an additional office that is located beneath their current...
Words: 545 - Pages: 3
... Name of Present Incumbent: (the person holding the position leaving) Mr Bob Brown Position Reports to: Plant Manager NSW – Gary Denver Proposed Salary: $48,000 - $52,000 Existing Staff Salary: $50,944.40 Target Starting Date: 09/04/2014 Length of Probationary Period: 3 Months Recommended By: Gary Denver Date: 09/02/2014 Department Head: Jim Saunders Date: 09/02/2014 HUMAN RESOURCES Human Resources Advisor: Date: 09/02/2014 AUTHORISATION Authorised: Jim Saunders Date: 09/02/2014 (Managing Director of Business Unit): Al Perez Position Description POSITION TITLE: Shift Supervisor DIVISION: Production DEPARTMENT: Manufacturing RESPONSIBLE TO: Plant Manager Production of awnings. Ensuring stock control and stacking and re-stacking of product in warehouse. Maintenance of all plant and machinery. Liaise with suppliers and contractors. Arrange for efficient staffing for each shift, including selection, induction and training of staff and associated matters such as wages and conditions of employment. Work with the assembly-line team to ensure that the production plan is met in full and on time. Duties and Responsibilities In consultation with Production Manager, purchase all items necessary for production....
Words: 1977 - Pages: 8
...professional managers (the agents). Modern corporations allow firm managers to have no participation (or only limited ownership participation) in the profitability of the firm. Because the manager-agents usually have less to lose, they often seek acceptable levels of profits and shareholder wealth rather than maximizing profits unlike the owner-principals. Owner-principals tend to pursue their own self-interests. For example, agents may have less interest in maximizing profits in order to focus on their own interests like long-term job security. This is known as principal-agent conflict. To mitigate agency problems, the compensation committee of the board should concentrate on more long-term incentives in order to avoid financially crippling a corporation by distributing large sums of cash at a single time. It also allows for more capital to be available to the company to make more profits. In general, managers will be more motivated when receiving extra income in the form of higher salaries, cash compensation and bonuses. I’m not sure of anyone that doesn’t like this type of reward. Also, this type of compensation is usually immediate. So, a manager can see an instant result. On the other hand, long-term incentives can be a little less motivating because of the time constraint, but can prove to be just as lucrative. If an executive’s pay is tied to their performance, they will be more motivated to do well rather than slack off. The point is for the managers to have the...
Words: 504 - Pages: 3