Professional Documents
Culture Documents
Comparing A Security Strategic Plan - Edited.edited
Comparing A Security Strategic Plan - Edited.edited
Student’s Name
Institution Affiliation
Date
Comparing a Security Strategic Plan 2
Part 1
the appropriate information that they can use to be able to make informed decisions. Another
aim is to help the management focus on accomplishing its goals. Finally, the purpose of the
plan is to prepare the organization in case of a data breach. When a cyber-attack happens,
employees will be able to know what to do to deal with the attack and hoe to recover from it.
The purpose of a security policy is to help employees understand how to maintain the
security of data [ CITATION Kyo16 \l 2057 ]. Customers are also able to have confidence in a
company when they see the security policies that are put in place to be able to protect their
data. Customer satisfaction increases, and the business can grow. Employees may lose data
due to negligence [ CITATION Fay17 \l 2057 ]. The policies, therefore, can outline the
consequences that an employee might face when they violate them. It puts the employees in
First is the response when a security breach takes place. The plan comes up with
communication plans, protocols, and recovery plans. The strategic plan also includes ways in
which the company will integrate the cybersecurity measures into the organization. Finally,
the strategic plans include a section that will ensure regular assessment of the organization’s
systems to ensure that there are no future attacks and that the systems meet the standards that
The components of a security policy should include the reason why the
organization came up with security policies. The components also include, who are under the
policy, including employees, managers, the technological equipment, and the line of business
where the policies will be applied. The policy also states the people who have the
Comparing a Security Strategic Plan 3
policy is the disciplinary actions that an employee would face if they violate any of the
policies.
The key stakeholders in making of a cyber-security strategic plan are the government.
The government provides standards that need to be met by all business owners regarding
cybersecurity[ CITATION Dar17 \l 2057 ]. Other stakeholders are the IT specialists, more
importantly, the Chief Information Security Officer. The management of a business is also
present when making a strategic cybersecurity plan. Another key stakeholder is the
employees. Employees need representation in the making of the strategic plans since they are
part of the team that is required for the plan to take effect.
The key stakeholders in a cyber-security policy are the business executives who
own the business. They allocate the funds that are useful for the implementation of some of
these policies. Secondly, is the legal department of the business. The legal department needs
to ensure that the policies meet the standards that are set in place by the government. In
public companies, the board of members is a key stakeholder. The board is responsible for
approving and reviewing the policies before they take effect in the company. The human
resource department is also a stakeholder since they have the responsibility of enforcing the
policies and disciplining those who go against them. The department decides whether there
was an employee had violated any of the policies. They also review complaints filed against
employees regarding the same. Finally, the procurement department is part of the
therefore, have to ensure that online vendors comply with the policies put in place regarding
cybersecurity. Vendors that do not meet the policies are not allowed to trade with the
organization.
Comparing a Security Strategic Plan 4
Part 2
References
Alqahtani, F. H. (2017). Developing an Information Security Policy: A Case Study
Galinec, D., Moznik, D., & Guberina, B. (2017). Cybersecurity and Cyberdefense: a national
Min, K., & Chai, S.-W. (2016). An Analytic Study of Cyber Security Strategies of Japan.
https://doi.org/10.14257/ijsia.2016.10.10.05.