Security Policies - P4 - Computer Systems

Task 1 Security Policies and Guidelines (P4)
In the world of ICT there are many policies and rules that can affect the general security or approach towards companies and businesses. The most common policies of which that are affected are:
  * Budget setting
  * Scheduling of security audits
  * Surveillance and monitoring
  * Disaster recovery
  * Updating of security procedures
  * Codes of conduct
  * Risk Management
Budget setting is vital in all businesses looking to make money. One particular aspect of budgeting which always needs to be considered is Security. All businesses should set aside a budget in order to protect both their own and their clients’ interests and assets. Active and efficient security is not free so it requires investment. When budgeting, a company must consider the following:
  * The replacement cost of redundant equipment and software – this is due to the company perhaps already having some aspects of security available and active, they may wish to build on this and add more devices and software perhaps even upgrade their current software, when this occurs, they will need to figure out what software and equipment they require and how much they need to spend.

  * The cost of security audits – Security audits are
Every business must have a disaster recovery policy to follow what actions must be taken in the event of a manmade or natural disaster. The disasters these policies may cover are:

  * Fires
  * Power cuts
  * Terrorist attacks
  * Computer viruses
  * Legal issues
  * Worker strikes
  * Natural disasters
  * System failures
  * Human error
  * Loss of key personnel

Updating of security procedures the use of updating the security is to make sure that new threats are covered like new viruses. Scheduling of security audits is to look at the different systems to see if the same thing keeps coming up like if people can break in the building or hack the system they all need testing ...