Guidelines for Customer Information Security Policy at OZ Dispatch

Verified

Added on  2023/01/13

|16
|3670
|53
Report
AI Summary
Read More
tabler-icon-diamond-filled.svg

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Running head: CUSTOMER INFORMATION SECURITY POLICY
Customer Information Security Policy
(OZ Dispatch)
Name of the student:
Name of the university:
Author Note
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
1CUSTOMER INFORMATION SECURITY POLICY
Executive summary
OZ Dispatch, a popular he business has been operating at various places like Parramatta, NSW AND
Australia. The customer security programs is implemented to the financial data for the customers of
any business. Various aspects of the standards of customer security policy for OZ Dispatch is
analyzed here. Thus, the report is intended to develop an important program of managing data
security for OZ Dispatch.
Document Page
2CUSTOMER INFORMATION SECURITY POLICY
Table of Contents
Introduction:..........................................................................................................................................3
Discussion on Customer Information Security Policy at OZ Dispatch:................................................3
1. Ethical security policies to be considered:......................................................................................3
2. Security policy for data management:.............................................................................................4
3. Policies against cybercrime:............................................................................................................6
4. Customer information security policies developed by OZ Dispatch internally:.............................6
5. Recommended customer information security policies to be set by OZ Dispatch:........................9
Conclusion:..........................................................................................................................................11
References:..........................................................................................................................................12
Document Page
3CUSTOMER INFORMATION SECURITY POLICY
Introduction:
The OZ Dispatch is a home delivery service plan. It has been operating its business from
Australia, NSW and Parramatta. The business deploying and designing the OZ Dispatch’s network
has intended to create significant data security managing program for the above home delivery
business.
For continuing the protection of private data and information of OZ Dispatch, the customer
information security policy is needed to be deployed. A security program is applicable to the financial
information of the customers of the company. In the following study the various customer
information security policies are understood for OZ Dispatch.
Discussion on Customer Information Security Policy at OZ Dispatch:
1. Ethical security policies to be considered:
For OZ Dispatch, the AISA or “Australian Information Security Association Code of Ethics”
is to be followed. This includes the behavior rules of conference. OZ Dispatch being the member of
AISA should be acting as per the rules. This is applicable to distinct professional behaviors. This
must take pace every time especially in the organized events of AISA.
Thus the ethics of information system for customer information security policy includes the
following.
Development of moral values under the area of an information system.
Creation of the latest structures of power under the information myths and information fields.
Determining the secret contradictions and the information practices and theories of the
intentionality.
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
4CUSTOMER INFORMATION SECURITY POLICY
Developing various ethical conflicts for the information sector.
At first the ethics that is required to be followed by the OZ Dispatch’s delivery staffs is
needed to be understood. Firstly, it must be reminded that except for twenty delivery managers and
staffs, there are no other employees that have been working at the distribution centres. Here, all the
delivery staff members and the managers acquire the smartphone that contains the essential
applications (Peltier 2016). Moreover, every distribution application comprises of Internet
connections and Wi-Fi. Further, all the servers are situated at Paramatta Office. There are no cloud
based solutions. In order to protect the business and customer data, there is a large secure network
that is needed to be designed.
The customer information security policy has been referring exclusively to different processes
that are designed for information security. It is a common term that involves InfoSec. Here, various
ethics are needed for information systems in order to overcome various ethical problems. First of all
the ethics regarding privacy is needed to be determined. This includes the data about the associations
and individuals that a person should be revealing to others. The conditions and the safeguards in the
situation are required to be maintained (Soomro, Shah & Ahmed 2016). The elements that must be
kept by individuals and never to be forced for revealing others is needed to be considered. Further,
accuracy is required to be maintained. Individuals are liable for the accuracy fidelity and authenticity
of data required to be maintained. In this way, the individuals that are held accountable for the errors
in information and the ways this has been the injured party for the overall situation is to be
understood.
Document Page
5CUSTOMER INFORMATION SECURITY POLICY
2. Security policy for data management:
The Australian Research Council is been committed towards developing the advantages from
the research which is ARC-funded. It is found that the ARC has been encouraging the researches for
depositing various information. These has been originating from various projects of researches. It has
been happening at various accessible repositories that are accessible. This requirement has been
constant with various liabilities. This is outlined in the ‘Australian Code for the responsible Conduct
of Research, 2018”. The policy involves the suitable management of research data with various
types of primary materials by the researches. Here, different institutional policies to address the
ownership of data, retention, storages and suitable access from the side of research community is
involved.
The customers have the scopes for controlling the way one can use the personal data. This is
to introduce to new services and products. Next, the properties are to be evaluated regarding who
owns the data. Here, the people who are fair prices for the exchanges and owning the channels of
transformation, from where the data is transmitted is needed to be understood (Soomro, Shah &
Ahmed 2016). Further, the ways to access the scarce resources that are allocated is needed to be
determined. Then the accessibility is to be taken into consideration. This indicates what data OZ
Dispatch has the right and privilege to gain, within specific conditions and safeguards.
All the distinct customer data with entities or people outside the company are to be shared in
specific cases. This is when the customer is consented to any kind of action or they are advised the
customers with scope of “opting-out. First of all various ICT policies must be applied here. This
defined how OZ Dispatch must utilize the information system and information technology systems
with full responsibility. It has been set on various guidelines. This includes the usages and purchases
of hardware tools and the ways in which they can be disposed of safely. Utilize the licensed software
Document Page
6CUSTOMER INFORMATION SECURITY POLICY
and assure that every software has been upgraded with the newest patches that are for various causes
of security (Safa, Von Solms & Furnell 2016). This involves the rules on how various passwords are
to be created that includes changing passwords and complexity enforcement. Moreover, there should
be acceptable usage of various information systems and information technology. Apart from this,
there are a training of the users that are included to use the Managing of Information System and
Information Communication system.
3. Policies against cybercrime:
For this OZ Dispatch must follow various standards of Australian cyber security center. Their
law of cyber security for small business assists the eligible organizations in accessing the services and
advices of cyber security. This takes place from various trusted providers of industry. Within the
effective program of individual grants that extends up to 2000 dollars has been available for OZ
Dispatch. This is helpful to cover about half of their expenses. This is regarding the acquiring of the
cyber security evaluated through various providers. For instance, this involves the permissions from
Council of Registered Ethical Security Testers”, Australia. The information system has been
bringing the latest benefits and scopes regarding how OZ Dispatch can perform business and also
involve problems negatively affecting the cybercrimes. They have required to be addressed for the
problems and come up with the systems of ICT policy and MIS security that has been addressed by
them.
Moreover, independent testing must be used. This is in isolation and is highly needed for OZ
Dispatch to deliver quality and robust standards. These are led by the supply chain that is created on
the industry insights and best practices. Further, a supplier management portal should be used.
Current supply chains are highly complicated and multi-tiered. Here, the global networks have been
encompassing the rise in the list of issues of sustainability (Oppliger 2015). OZ Dispatch must tackle
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
7CUSTOMER INFORMATION SECURITY POLICY
the issues through working alone. This can occur as the worldwide not-for-profit membership. They
can make use of a responsible platform of the supply chain. Apart from this, the services and tools
have been enabling the OZ Dispatch in meeting further opportunities and challenges.
4. Customer information security policies developed by OZ Dispatch internally:
Next, various approaches must be considered by OZ Dispatch to create a security program.
Here, the initiation, direction and support comes from the top management and working through the
ways with the help of middle management (Oppliger 2015). Besides, it assures that the senior
management has been ultimately liable to protect the resources of OZ Dispatch from driving the
programs. Next, there the bottom-up approach must be considered here.
The various components to be included are listed below.
1. Treating infrastructure to be insecure and unknown:
The cloud service providers have been opaque in terms of security practices. Here, the default
position for the enterprise has been to assuming various aspects. This includes the applications to
implement enough measurements for sufficing the overall security (Kache & Seuring 2017).
2. Apply security to each application component:
Every component must be assessed to determining the measures of the security that is been
suitable for that. Here, various elements such as resources of program execution also need intrusion
prevention and detection systems. Moreover, there are storages and databases in order to access
controls preventing the components that are non-applicable from touching various elements of data.
3. Automating configuration and installation of security components:
Document Page
8CUSTOMER INFORMATION SECURITY POLICY
It includes the lengthy auditing, recommendations and configuring and installing processes.
These are acceptable for the past to be totally insufficient for future generation applications (Blos et
al. 2016).
4. Test implemented measures of security:
This has been going through the topology of application. It has been evaluating as the
resources are deployed under the security measures of the organizations. Various IT organizations
have been contracting with external parties. This is to examine the measures of application security.
Document Page
9CUSTOMER INFORMATION SECURITY POLICY
5. Migrating the non-strategic applications for the external offerings of SaaS:
The security teams of the IT has been overworked and has been under-resourced. Here, a
smart way is to decrease the scope fop work for offloading various non-strategic applications for
various people. Further, a smart method to decrease the scope of the work is to offload different non-
strategic applications. Thus they can be enabled to concentrate on the efforts over actual significant
applications.
6. Use cloud-based security products:
Here, one of the greatest impediments has been the customer effective security practice has
been the lack of staff and budgets. This is to purchase and utilize suitable products. Apart from the
offerings that are SaaS based has been providing a couple of advantages. They have never needed a
huge capital investment of paying various fees of up-front license (Denolf et al. 2015). Thus they
have never been necessitating the staff of IT for installing and configuring the various products. Apart
from that, IT staffs are able to configure and utilize. Thus the lower cost of different services that are
cloud based indicates that security budgets can move further.
7. Focus on security monitoring:
In this way, they are seen through the applications of the next-generation imposing different
uncomfortable changes and different complexities over the conventional security practices. It
has been no doubt true and never been irrelevant. However, a new IT world has been emerging and
the approach to security has been incapable of performing that liabilities. It is just moving through the
upgraded approaches towards security the IT organizations can uphold the liabilities under the future
generation application age (Urciuoli & Hintsa 2017).
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
10CUSTOMER INFORMATION SECURITY POLICY
The various components of Customer Information Security Policy for OZ Dispatch are
evaluated below.
5. Recommended customer information security policies to be set by OZ Dispatch:
OZ Dispatch has required to development, implementation and maintaining of various
comprehensive program of information security. This must consist of the physical, technical and
administrative securities. This must be based on the company’s natures, complexities and sizes of the
activities. It must be consisting of various components.
The first one is designating the office or employee regarding coordinating the programs.
Conducting of risk analysis for determination of the reasonably foreseeable privacy
and security risks.
Assuring that the security is deployed for controlling the dignified risks and the
efficiency of the security is tested regularly and controlled.
Adjusting and maintaining the program on the basis of the outcomes of monitoring and
testing. This must be conducted will since the changes in operations are done.
Risk assessment:
The customer security program should be determined through reasonably foreseeing the
internal n external risks for integrity, confidentiality and security of the encompassed information.
This has been resulting in the unauthorized misuse, alterations, disclosures and destructions. This also
includes the assessing the sufficiency of security in controlling the risks. The coordinators must be
working with the relate sectors for carrying out the analysis of comprehensive risks. The analysis
must involve the system wide risks and the unique for every areas under the encompassed area.
Information Safeguards and Monitoring:
Document Page
11CUSTOMER INFORMATION SECURITY POLICY
It must be verifying the security of data that is designed and deployed for controlling the risks
that are determined n risk analysis discussed above. Here, the coordinator of OZ Dispatch must have
reasonable securities and monitoring. This should be deploying every units that has access to the data
covered.
Employee training and management:
Protection for security of customer data must involve the training and managing of the people
having authorized access to the data covered. The business must adopt the comprehensive policies,
standards. This is to set forth the processes and recommendations in reserving the security of private
data. Here, the coordinator must be working with other dependable offices and various units. This is
to determine various categories of employee and other people having the access to the data covered.
Information systems:
This must involve the software and network design. This must be including the disposal,
retrieval, transmission and processing. This involves the software and network systems. It has been
designed reasonably for limiting the risk of various unauthorized access for covering the data. It has
been involving the designing limitations. This is to access, maintain proper screening programs. This
is helpful to detect the hackers various viruses to delay the security patches.
Managing the system failures:
OZ Dispatch has been maintain efficiency of various systems in preventing, detecting and
reacting to the intrusions, attacks and additional failures of systems.
Testing and monitoring:
Document Page
12CUSTOMER INFORMATION SECURITY POLICY
This system of monitoring is deployed for regularly. This is to evaluate the monitoring and
testing of the efficiency of safeguards of information security.
It can be noted by the documents for the common references and the users are liable for
making their individual analysis on the provided information. This is to gain the independent advice
proper acting on that. First of all the baseline IT security policy must be considered. The document
sets the standards of a baseline of IT security policy of the various departments of the government
(Safa 2017). Then, there are IT security guidelines. It elaborates on the requirements of the policy and
setting the standard of implementation overt the security requirements. This is specified under the IT
security policy. Moreover, there is the practicing of the security risk analysis and audit. It reveals the
practical reference and guides for security risk analysis with the audit. Besides, the practice guides for
incident handling of information security (Edwards et al. 2016). Here, the document must be
providing practical reference and guidance to handle data security incidents.
Conclusion:
It is seen that OZ Dispatch has been encouraging to remain practice to implement and enforce
the customer security policy. Further, the top management has been endorsing and has been
accountable for information security. It must be reminded any smart governance assures
accountability, scrutiny and ownership. Through undergoing the efficient organizational
transformation, the good scrutiny of security management is needed. OZ Dispatch has been able to
rest on the proper levels of scrutiny to be maintained under the scenario. This is in the position for
demonstrating the due diligence for the partners and customers. This is targeted towards the specific
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
13CUSTOMER INFORMATION SECURITY POLICY
kind of data like the data of customers. Besides, it can be deployed in an effective and comprehensive
manner. This turns to be part of the culture of the company.
Document Page
14CUSTOMER INFORMATION SECURITY POLICY
References:
AlHogail, A 2015, Design and validation of information security culture framework. Computers in
Human Behavior, 49, pp.567-575.
Blos, MF, Hoeflich, SL, Dias, EM & Wee, HM 2016, A note on supply chain risk classification:
discussion and proposal. International Journal of Production Research, 54(5), pp.1568-1569.
Denolf, JM, Trienekens, JH, Wognum, PN, van der Vorst, JG & Omta, SO 2015, Towards a
framework of critical success factors for implementing supply chain information systems. Computers
in industry, 68, pp.16-26.
Edwards, N, Kao, G, Hamlet, J, Bailon, J & Liptak, S 2016, Supply chain decision analytics:
Application and case study for critical infrastructure security. In ICCWS 2016 11th International
Conference on Cyber Warfare and Security: ICCWS2016 (p. 98). Academic Conferences and
publishing limited.
Kache, F & Seuring, S 2017, Challenges and opportunities of digital information at the intersection of
Big Data Analytics and supply chain management. International Journal of Operations & Production
Management, 37(1), pp.10-36.
Marinagi, C, Trivellas, P & Reklitis, P 2015, Information quality and supply chain performance: The
mediating role of information sharing. Procedia-Social and Behavioral Sciences, 175, pp.473-479.
Nazareth, DL & Choi, J 2015, A system dynamics model for information security management.
Information & Management, 52(1), pp.123-134.
Oppliger, R 2015, Quantitative risk analysis in information security management: a modern fairy tale.
IEEE Security & Privacy, 13(6), pp.18-21.
Document Page
15CUSTOMER INFORMATION SECURITY POLICY
Peltier, TR 2016, Information Security Policies, Procedures, and Standards: guidelines for effective
information security management. Auerbach Publications.
Safa, NS 2017, The information security landscape in the supply chain. Computer Fraud & Security,
2017(6), pp.16-20.
Safa, NS, Von Solms, R & Furnell, S 2016, Information security policy compliance model in
organizations. Computers & Security, 56, pp.70-82.
Shackleford, D 2015, Combatting cyber risks in the supply chain. SANS. org.
Soomro, ZA, Shah, MH & Ahmed, J 2016, Information security management needs more holistic
approach: A literature review. International Journal of Information Management, 36(2), pp.215-225.
Urciuoli, L & Hintsa, J 2017, Adapting supply chain management strategies to security–an analysis of
existing gaps and recommendations for improvement. International Journal of Logistics Research and
Applications, 20(3), pp.276-295.
Xu, T & Nassar, S 2016, Supply chain information security: emerging challenges in the
telecommunications industry. In Exploring the security landscape: non-traditional security challenges
(pp. 195-230). Springer, Cham.
Yu, Y &Wang, L 2016, August, Research on Information Sharing in Supply Chain. In 2016
International Conference on Education, E-learning and Management Technology. Atlantis Press.
chevron_up_icon
1 out of 16
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]