• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

BTEC National in IT Organisational systems security - Policies and guidelines for IT security (P4)

Extracts from this document...


1. Policies and guidelines for IT security Disaster recovery policies: This is an action plan if you will of what employees will do as result of a certain disaster. These disasters may include things such as; theft, fire, flood, human error or hardware failure. The recovery policy is put in place to ensure that if such an event occurs the organisation can function as normal again as quickly as possible. There are several things you should consider when designing your disaster recovery policy. What storage media are you going to use will depend on two main factors, how much data needs to be stored and how quickly are you going to need to retrieve this data. Where you store the backup media, you can either store the backups on site which will mean you can retrieve the backups as quickly as possible but makes them vulnerable, or you can store the backup media off-site which makes them more secure but increases the time it takes to retrieve it. ...read more.


Security audits are important to help provide information relating to the improvement of the disaster recovery policies and security procedures. Codes of conduct for email usage policy: This is a set of rules which outlines how a person is to behave within a group setting. For your company this will be used to help improve system security and will attempt to avoid downloading any Waldemar or be subject to any social engineering which may harm your systems or company. This will be enforced by the use of a contract that your employees must sign putting legal obligation on them to follow the codes of conduct. In relation to email usage it may include things such as; size of attachments, how to manage the in box, what personal view may be expressed, response times, forwarding of emails to other, unacceptable behaviour such as harassment or sending spam among other things. Included in this should be the right for the network administrator to monitor employees emails. Surveillance policy: This may be relate to the monitoring of premises by the use of CCTV cameras to improve physical security, or it ...read more.


Risk management can refer to your systems security and be tackled by keeping systems software updated and installing anti-virus programmes or it may simply be in regards to health and safety. Budget setting: This is how much money you put into your systems security and it should reflect the amount of financial damage that may occur as a result of a security leak of your systems. Budget setting in relation to to systems and organisation security should not be an after thought, without proper funding for an appropriate security system the risk of loss increases exponentially. Budget setting in general in itself is a security risk, if it is done improperly then the organisation as a whole suffers and may even become bankrupt. Smart budget setting for systems security is therefore imperative, things that must be considered in terms of the cost to benefit ratio are as follows; software licensing, security personnel wage, how much an audit will cost, the cost of your chosen disaster recovery plan for example the cost of backup media and the training of staff for your security procedures and codes of conduct. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our AS and A Level Computer Science section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related AS and A Level Computer Science essays

  1. Marked by a teacher

    Business & IT Department BTEC. Organisational System Security - Describe the various types of ...

    3 star(s)

    Human Errors: is when someone makes a mistake which results in data being lost. Incidents such as people accidentally deleting files and pulling plugs and such. 5. Theft: Theft occurs when criminals gain access to an office building or other work environment and physically steal hardware and other entities

  2. Peer reviewed

    information systems assignment 2

    4 star(s)

    This can help the supermarket decide where to place certain products within the supermarket and also help how many of the products to order based on the sale of the product, (e.g. buy a lot of the products if sales are high, and less products if the sales are low)

  1. Peer reviewed

    Organisational system security - The possible security issues which exist within the FilmPoster.com system

    3 star(s)

    posters, asking them to dial a number in regards to their details such as bank accounts and once the number has been dialled, the customer is told to enter their account details and PIN's. Phishing is mainly carried out using email or instant messaging directing users to enter their details

  2. Computer systems assignment 1

    If it is read by the computer I Click on the icon of CD-drive to explore the content of the CD. After that I look for an icon "Setup" and double click on it to start the installation process. In the main setup window I can see that it is

  1. GCSE I.T Security Case Study - Riverside Leisure Centre

    This will consist of: A description of their data, What it contains the purposes for which it is being processed, Why it is being processed people to whom it may be disclosed, Who is allowed to see it the name of the organisation that is actually carrying out the processing of their data.

  2. Internet security

    On the day, a stranger shows up uninvited, gatecrashes the party and destroys his house. This could happen when person gives full details about themselves online. Which law is in place in the UK to enforce how personal data is used?

  1. BTEC National in IT Organisational systems security - Software and network security (P3,M2,D1)

    Firewall configurations: A firewall can be hardware or software. This is where traffic into and out of the computer system is controlled, allowing or disallowing traffic to enter or leave the network. This is done by the use of rules configured by the admin or user depending on the situation.

  2. Small Office Network Implementation - hardware and security.

    The device is thus a form of multiport repeater. Ethernet hubs are also responsible for forwarding a jam signal to all ports if it detects a collision. Hubs also often come with a BNC and/or AUI connector to allow connection to legacy 10BASE2 or 10BASE5 network segments.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work