Law & Policy Case Study Essays

1833 Words May 19th, 2013 8 Pages
Law and Policy Case Study
Bradley L. Hardman
UMUC

What does the word policy mean to you? In this study there will be a clear definition of the word and what it means to the company. After that is clearly defined, the next topics will be regulations and laws. Those three will cover legal environment and lead into a look at the impact the legal environment has on an organization. The final area to address is confidentiality, integrity, and availability of information. To begin with the definition of policy for our purposes comes in two parts. The first part is the definition of policy as it applies to the government be it federal, state, or local. From the website dictionary.com a
…show more content…
Policies in general play important roles in organizations. They define a set of rules and procedures that all employees must abide by. Information security thrives to make sure that all of the organization's data are safe and secure against attacks. It sets up protocols to follow in order to achieve maximum data integrity, availability, and confidentiality. There are two types of policies that rein in an organization: government policies and organizational policies.

In information security, government policies are policies issued by federal, state, local, or tribal government and which provide a framework for government organizations to establish local policies and procedures necessary for the protection of information and technology assets (British Columbia, 2011). The second sets of policies that guide an organization are organizational policies. These are written to guide an organization's compliance with laws, regulations, and policies. Organizational security policies should fulfill many purposes such as protect people and information; set the rules for expected behavior by users, system administrators, management, and security personnel; authorize security personnel to monitor, probe, and investigate; define and authorize the consequences of violation; define the company consensus baseline stance on security; help minimize risk; and finally help track compliance with regulations

Related Documents