Reference no: EM131247787
•Consider the organization where you work, or an organization where you would like to work if you are not currently employed.
•Create a Policy that would benefit your organization
•Suggest some controls for your policy
•Suggest an audit mechanism
Use the following Format for your policy:
Overview
You should put one or two sentences here that summarize the policy and its purpose for management. This is typically an explanation of why the policy exists. Don't be too technical.
Scope
This is where you define who or what the policy applies to, from all employees to only cashiers that handle cash in the front office. If it applies to equipment, it could be all equipment, all servers, all network connected equipment, or just company issued cell phones. Be specific.
Policy
This is where the policy is actually defined. Don't be too specific, leave that to the procedures and controls that support the policy.
For example, a password policy might state that users cannot share passwords, passwords must be complex, help desk personnel never request passwords, and passwords must rotate periodically. The details of good password construction can be then put in a guideline document, instructions for the help desk on reseting passwords can be a procedure, and that Group Policy is used to force password changes every 60 days is a technical control. None of that should be in the policy, but it all needs to be properly documented and communicated to the people that need it - the guidelines to all staff, the help desk procedure to help desk staff, and the technical controls to the domain admins.
If you are in doubt remember that good policy statements talk about what the policy is trying to accomplish, and are addressed to a wide audience. Procedures and controls talk about how it is to be accomplished and are addressed to the staff that must carry it out.
Compliance Measurement
Typically, this section includes the job title of the person responsible for overseeing its implementation or the department if multiple people are responsible, a reference to audit mechanisms, and the consequences for failure to abide by policy.
Definitions, Related Standards, and Policies
This section usually contains definitions of technical or ambiguous terms, cross-references to applicable regulations, and other policies that relate to this policy. Examples include union contracts, discipline policies, and implementation guidelines. In our password policy example, this where readers would be told to consult the password construction guideline document.
Exceptions
If there any circumstances that might allow temporary exception to the policy, such as during an emergency, define them here. If there is anyone with the authority to temporarily waive the policy, they should be identified by job title. This section is often omitted since many policies do not allow any exceptions.
|
Case analysis - tesla motors
: Case Analysis: Tesla Motors: Disrupting the Auto Industry, Read the case, "Tesla Motors: Disrupting the Auto Industry" (see attachment) use the case analysis format provided below to address to identify the problems and provide several suggested so..
|
|
What is the required semi-annual deposit to be made
: If interest is 8% compounded semi-annually, what is the required semi-annual deposit to be made?
|
|
Cash to the partnership for total ownership equity
: Musa Moshref and Shaniqua Hollins have operated a successful firm for many years, sharing net income and net losses equally. Taylor Anderson is to be admitted to the partnership on July 1 of the current year, in accordance with the following agreemen..
|
|
How did fed interest rate target respond to the demand shock
: What how did Fed interest rate target respond to this demand shock? What happened to to interest rates when the Fed changed its desired inflation rate? What does the relationship between the inflation and unemployment appear to be?
|
|
Summarize the policy and its purpose for management
: This section usually contains definitions of technical or ambiguous terms, cross-references to applicable regulations, and other policies that relate to this policy. Examples include union contracts, discipline policies, and implementation guideli..
|
|
Explain why some of these policies might be adopted
: In what ways is the emergence of China as the "workshop of the world" an opportunity for other developing countries, and in what ways is it a threat?
|
|
Selling common stock to owners in exchange
: ABC Company began operations in June, 2017 by selling common stock to owners in exchange for $70,000 cash. During 2017, ABC Company entered into the following transactions: Calculate the amount of net income that ABC Company would report in its 2017 ..
|
|
Computer system with both segmentation and paging
: Consider a computer system with both segmentation and paging. When a segment is in memory, some words are wasted on the last page. In addition, for a segment size s and a page size p, there are s/p page table entries.
|
|
How the scope will be communicated to all stakeholders
: For the given scenario, create a project scope management plan that will detail how the project scope will be defined, managed, and controlled to prevent scope creep. The plan may also include how the scope will be communicated to all stakeholders..
|