BTEC NAT Unit 15 - Organisational Systems Security ORGANISATIONAL SYSTEMS SECURITY Unit 15 Lecture 7 EMPLOYMENT CONTRACTS & CODES OF CONDUCT.

Presentation transcript:


Learning Objectives
We need to examine a few more policies normally associated with Human Resources and look at how they can incorporate security issues.
Common Policies:
- Hiring Policy
- Separation of Duties
- Disciplinary & Investigation procedures
- Training & Communication

Hiring Policy
- Recruitment / promotion of employees
- Must not conflict with National Employment Law
- Hiring will look at the following:
  o Employee background & employment record
  o Criminal record & references
  o Initial assessment or probationary period

Separation of Duties
- Do not rely on one individual to maintain overall security
- Team members – each have critical duties to manage
- Deputies to cover for absence / departure

Disciplinary & Investigation Procedures
- Fair, confidential & legally acceptable
- Comply with set procedures
- False accusations – Legal actions
The Steps:
- Suspension with pay
- Independent investigation
- Fair & impartial
- Police involvement if criminal matter

Training & Communication
- Staff must receive the necessary training
- Maintain regular communication with staff
- Ensure awareness of responsibilities

Learning Objectives
Codes of Conduct
Employees to sign and agree to a variety of policies.
Rules of the organisation and security needs:
- Email Usage policy
- Internet Usage policy
- Software Acquisition & Installation policy
- User Area Usage policy
- Account management policy

Email Usage Policy
- What is unacceptable – sending emails
- Acceptable size & type of attachments
- Management of mailbox contents
- No stalking, harassment, spamming
- No external exchange of corporate info
- The network management has the right to monitor all emails

Internet Usage Policy
- What sites can be visited
- What cannot be downloaded
- Network management has the right to monitor network traffic

Software Acquisition & Installation Policy
- Stop personal & unlicensed software being installed on the system
- No duplication of software
- Prevent compatibility problems
- Prevent transmission of worms, viruses & trojans

User Area Usage Policy
- Storage space for a large number of users
- Define what users cannot store – limits
- Storage space will vary according to employee’s role, e.g. software developers

Account Management Policy
Responsibilities
- Network management:
  o Maintain level of service
- Users:
  o Current & updated passwords
  o Non-sharing – personal details

Activity 7
Codes of Conduct & Usage Policies
1. Read through the College IT usage policy
2. Examine the example Codes of Conduct
3. Look at professional bodies' websites and check for policies / codes of conduct
4. How would you change or add to the college policy to make usage more secure?