Essay about Kudler Fine Foods Security Report

803 Words Oct 10th, 2012 4 Pages
Kudler Fine Foods IT Security Report
Team B
CMGT/400
September 10, 2012
Instructor
University of Phoenix

Kudler Fine Foods new frequent shopper program’s security policy will protect the confidentiality and integrity of the customer’s and the company. When preparing the company’s security policy the first step is to determine the key elements to include in the policy that will support the goal of protecting the customer and company in the new frequent shopper program. Security accountability will confirm who has the responsibility to manage the program, who will maintain the program, and what to expect from the general user. (Taylor, 2001) By determining the responsibilities and expectations of the staff, Kudler Fine Foods
…show more content…
This policy will include the card readers installed at each retail location, and the customer data given to each cashier. Each retail location participating in the frequent shopper program will have extensive training on the policies and procedures and employees will behave in a professional manner.
It is up to the users in the retail environment to practice good security measures responsibly in able to fully protect customer’s private information. A customer could potentially sue the business in lieu of a data leak due to negligence from the employees. Not only is it good practice to use information security, but employees may legally be held liable for their actions (or inactions) when handling sensitive information. Meiring de Villiers (2010) states, “The plaintiff defines the standard of care in negligence law by identifying and pleading an untaken precaution. The plaintiff must then prove that the precaution is cost-effective and that the defendant's failure to take the precaution was the actual and proximate cause of real harm to the plaintiff. The untaken precaution forms the basis of the plaintiff's case and defines the standard of care that the defendant, the court hearing the case, and perhaps a subsequent appellate court will use.” (paragraph 4)
The information security policy will include an incident report assessment to specify how to handle a problem and define the appropriate procedures to take in the event of security violation.

Related Documents