Understanding Organizational Policies, Procedures, Standards, and Guidelines, Exercises of Network security

Definitions and explanations for the concepts of policies, procedures, standards, and guidelines in an organizational context. Policies are formal statements of an organization's beliefs, goals, and acceptable procedures, while procedures describe the process for implementing policies. Standards are mandatory actions or rules that support policies, and guidelines are recommendations for achieving policy objectives. Policies require compliance, while procedures define 'how' to protect resources and enforce policies.

Typology: Exercises

2020/2021

Uploaded on 06/04/2021

pkhokhali

Write down your understanding of these terms:

Policies

A formal, brief, and high-level statement or plan that embraces an organization's general beliefs, goals, objectives, and acceptable procedures for a specified subject area. Policies always state required actions, and may include pointers to standards. Policy attributes include the following:

- Require compliance (mandatory)
- Failure to comply results in disciplinary action
- Focus on desired results, not on means of implementation
- Further defined by standards and guidelines

Procedures

Procedures describe the process: who does what, when they do it, and under what criteria. They can be text-based or outlined in a process map. They represent the implementation of policy.

- A series of steps taken to accomplish an end goal.
- Procedures define "how" to protect resources and are the mechanisms to enforce policy.
- Procedures provide a quick reference in times of crisis.
- Procedures help eliminate the problem of a single point of failure.
- Also known as an SOP (Standard Operation Procedure)

Standards

A mandatory action or rule designed to support and conform to a policy.

- A standard should make a policy more meaningful and effective.
- A standard must include one or more accepted specifications for hardware, software, or behavior.

Guidelines

General statements, recommendations, or administrative instructions designed to achieve the policy's objectives by providing a framework within which to implement procedures.

- A guideline can change frequently based on the environment and should be reviewed more frequently than standards and policies.
- A guideline is not mandatory, rather a suggestion of a best practice. Hence "guidelines" and "best practice" are interchangeable.
