Presentation is loading. Please wait.

Presentation is loading. Please wait.

BTEC NAT Unit 15 - Organisational Systems Security ORGANISATIONAL SYSTEMS SECURITY Unit 15 Lecture 7 EMPLOYMENT CONTRACTS & CODES OF CONDUCT.

Published byShawn Cain Modified over 8 years ago

Similar presentations

Presentation on theme: "BTEC NAT Unit 15 - Organisational Systems Security ORGANISATIONAL SYSTEMS SECURITY Unit 15 Lecture 7 EMPLOYMENT CONTRACTS & CODES OF CONDUCT."— Presentation transcript:

1 BTEC NAT Unit 15 - Organisational Systems Security ORGANISATIONAL SYSTEMS SECURITY Unit 15 Lecture 7 EMPLOYMENT CONTRACTS & CODES OF CONDUCT

2 BTEC NAT Unit 15 - Organisational Systems Security Learning Objectives We need to examine a few more policies normally associated with Human Resources and look at how they can incorporate security issues Common Policies: Hiring Policy Hiring Policy Separation of Duties Separation of Duties Disciplinary & Investigation procedures Disciplinary & Investigation procedures Training & Communication Training & Communication

3 BTEC NAT Unit 15 - Organisational Systems Security Hiring Policy Hiring Policy Recruitment / promotion of employees Recruitment / promotion of employees Must not conflict with National Employment Law Must not conflict with National Employment Law Hiring will look at the following: o Employee background & employment record o Criminal record & references o Initial assessment or probationary period

4 BTEC NAT Unit 15 - Organisational Systems Security Separation of Duties Separation of Duties Do not rely on one individual to maintain overall security Team members – each have critical duties to manage Deputies to cover for absence / departure

5 BTEC NAT Unit 15 - Organisational Systems Security Disciplinary & Investigation Procedures Disciplinary & Investigation Procedures Fair, confidential & legally acceptable Fair, confidential & legally acceptable Comply with set procedures Comply with set procedures False accusations – Legal actions False accusations – Legal actions The Steps: The Steps: Suspension with pay Suspension with pay Independent investigation Independent investigation Fair & impartial Fair & impartial Police involvement if criminal matter Police involvement if criminal matter

6 BTEC NAT Unit 15 - Organisational Systems Security Training & Communication Training & Communication Staff must receive the necessary training Staff must receive the necessary training Maintain regular communication with staff Maintain regular communication with staff Ensure awareness of responsibilities Ensure awareness of responsibilities

7 BTEC NAT Unit 15 - Organisational Systems Security Learning Objectives Codes of Conduct Employees to sign and agree to a variety of policies. Rules of the organisation and security needs Email Usage policy Email Usage policy Internet Usage policy Internet Usage policy Software Acquisition & Installation policy Software Acquisition & Installation policy User Area Usage policy User Area Usage policy Account management policy Account management policy

8 BTEC NAT Unit 15 - Organisational Systems Security Email Usage Policy Email Usage Policy What is unacceptable – sending emails What is unacceptable – sending emails Acceptable size & type of attachments Acceptable size & type of attachments Management of mailbox contents Management of mailbox contents No stalking, harassment, spamming No stalking, harassment, spamming No external exchange of corporate info No external exchange of corporate info The network management has the right to monitor all emails

9 BTEC NAT Unit 15 - Organisational Systems Security Internet Usage Policy Internet Usage Policy What sites can be visited What sites can be visited What cannot be downloaded What cannot be downloaded Network management has the right to monitor network traffic

10 BTEC NAT Unit 15 - Organisational Systems Security Software Acquisition & Installation Policy Software Acquisition & Installation Policy Stop personal & unlicensed software being installed on the system Stop personal & unlicensed software being installed on the system No duplication of software No duplication of software Prevent compatibility problems Prevent compatibility problems Prevent transmission of worms, viruses & trojans Prevent transmission of worms, viruses & trojans

11 BTEC NAT Unit 15 - Organisational Systems Security User Area Usage Policy User Area Usage Policy Storage space for a large number of users Storage space for a large number of users Define what users cannot store – limits Define what users cannot store – limits Storage space will vary according to employee’s role Storage space will vary according to employee’s role eg software developers

12 BTEC NAT Unit 15 - Organisational Systems Security Account Management Policy Account Management Policy Responsibilities Network management: Network management: Maintain level of service Users: Users: Current & updated passwords Non-sharing – personal details

13 BTEC NAT Unit 15 - Organisational Systems Security Activity 7 Activity 7 Codes of Conduct & Usage Policies 1. Read through the College IT usage policy 2. Examine the example Codes of Conduct 3. Look at Professional bodies websites and check for policies / codes of conduct 4. How would you change or add to the college policy to make usage more secure?

Download ppt "BTEC NAT Unit 15 - Organisational Systems Security ORGANISATIONAL SYSTEMS SECURITY Unit 15 Lecture 7 EMPLOYMENT CONTRACTS & CODES OF CONDUCT."

Similar presentations

The Risk Management Process (AS/NZS 4360, Chapter 3)

The Risk Management Process (AS/NZS 4360, Chapter 3)
1 Discipline, Capability and Grievance resolution: for those with responsibility for others Jessie Monck, PPD, Human Resources Division.

1 Discipline, Capability and Grievance resolution: for those with responsibility for others Jessie Monck, PPD, Human Resources Division.
Acceptable Use of Computer and Network Resources Jim Conroy Acting Director, Academic Computing Services September 9, 2013.

Acceptable Use of Computer and Network Resources Jim Conroy Acting Director, Academic Computing Services September 9, 2013.
Health and Safety - an update Ian Gillett Safety Director.

Health and Safety - an update Ian Gillett Safety Director.
CODE OF ETHICS South Australian Public Sector Public Sector Act, 2009.

CODE OF ETHICS South Australian Public Sector Public Sector Act, 2009.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
WELCOME Annual Meeting & Compliance Seminar. Code of Conduct - Impact on Corporate Culture by Andy Greenstein Knight Capital Group, Inc.

WELCOME Annual Meeting & Compliance Seminar. Code of Conduct - Impact on Corporate Culture by Andy Greenstein Knight Capital Group, Inc.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS 4600 - © Abdou Illia.

January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS © Abdou Illia.
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Network security policy: best practices

Network security policy: best practices
Manpower : Employing the right people for your project Liz Bates Chief Executive Officer Heritage Trust of Lincolnshire.

Manpower : Employing the right people for your project Liz Bates Chief Executive Officer Heritage Trust of Lincolnshire.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
Control environment and control activities. Day II Session III and IV.

Control environment and control activities. Day II Session III and IV.
Isle of Wight Local Safeguarding Children Board Roles And Responsibilities.

Isle of Wight Local Safeguarding Children Board Roles And Responsibilities.
Security Awareness Norfolk State University Policies.

Security Awareness Norfolk State University Policies.
© 2009 IDBI Intech, Inc. All rights reserved.IDBI Intech Confidential 1 Information (Data) Security & Risk Mitigation.

© 2009 IDBI Intech, Inc. All rights reserved.IDBI Intech Confidential 1 Information (Data) Security & Risk Mitigation.
Handling information 14 Standard.

Handling information 14 Standard.
Section 9 External and internal resources AQA ICT A2 Level © Nelson Thornes 2009 1 Section 9: External and internal resources Management of Internal Resources.

Section 9 External and internal resources AQA ICT A2 Level © Nelson Thornes Section 9: External and internal resources Management of Internal Resources.
Maintain Ethical Conduct

Maintain Ethical Conduct

Similar presentations

Ads by Google