Security Management Plan Report - Complaint Handling and Compliance

Verified

Added on 2022/08/15

AI Summary

This report presents a security management plan for a company specializing in physical and personal protection services. It outlines the need for increased staffing and the use of a hiring matrix to recruit trained professionals. The plan details company policies related to network and data security, including handling unauthorized access, remote configuration, and data security configurations. It also addresses incident response, data security accountability, and patch management. Furthermore, the report identifies liability issues, workplace safety, and professional, product/service, and management liabilities. An operational budget is developed, including cost considerations, NPV calculations, and ROI analysis. Finally, the plan details the handling of internal complaints, emphasizing a zero-tolerance policy, and ensuring employee compliance with company guidelines and legal regulations. The plan highlights the importance of employee participation in mitigating risks and maintaining a secure environment.

Security Management Plan

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Introduction
 Company deals with providing physical and personal
protection
 Increased number of employees are required
 Hiring matrix will be used for the same
 Policies of the company are developed
 Liability issues are identified (Nielsen, 2015)
 Operation budget for fiscal year is developed
 Handling of internal complaints are developed
 Compliance of the employees with the policies

Hiring procedure
 Trained professionals are hired
 Two processes can be conducted one is Application
screening process and the other one is the Interview
process through its matrix
 The required experiences are provided and screening
is done
 The eligibility criteria is set
 The common five questions are conducted for hiring
cyber security officers

Company policies
 Governing the network Services- Handle the
unauthorized access, remote configuration of IP, the
devices security.
 Policies of Data Security- Configuration of operation
system, servers, regulations and rules (Carcary et al.,
2016). .
 Monitor compliances- Regulatory auditing is done to
track the compliance of the employees

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Contd..
 Incident response plan- Any data breach or
abnormalities are acknowledged at the latest time and
responded
 Accountability of Data Security- Awareness of
employees’ duties and responsibilities
 Patch Management- Vulnerabilities and threats are
avoided with proper patch management and
regulatory software updates.

Liability Issues
As a company owner the prime concern is to mitigate
the risks associated with the company to provide risk
free environment for the employees and provide
products and services with best quality.
 Workplace Safety- Schedule of duty hours and tasks
to maintain safety in the workplace.
 Professional liability- The rise in obligations,
negligence of practices must be accounted.

Contd…
 Product and service Safety- The defects in products or
poor quality of services to the clients are the
responsibility of the concerned employee.
 Management Liability- The exposures received by the
officials from the finances, governance and activities
performed (Collingwood, 2017).
 Premises Liability- Depend on the location of the
company and the activities inside its premises.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Development of operating
budget Total development cost is considered
 Total Operational cost is considered
 Total Benefit is considered
 The discount rate is provided
 All inventory cost are developed
 NPV of all costs are found
 Over all ROI id found
 Yearly NPV Cash flow is obtained
 Overall NPV Cash flow

Plan for handling complaints
and compliance
 The internal complaints of discrimination, harassment
and misconduct within the company must be handled
well by the company
 Dedicated Team for regulating policies
 Abolish the discrimination on the basis of gender, race
and physical abilities by conducting engagement
programs

Contd..
 Regulation of strict legal laws
 Detention of employees for creating hostile
environment for other.
 Misconduct of activities or behaviors must be tackled
by the assigned team (Governatori et al., 2016).
 Application of zero tolerance policy

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Conclusion
 The company that provides the services of physical
and personal protection
 Company gather information and intelligence to
provide services to its customer.
 Hiring train personnel will increasing the productivity
and profit of the company
 liability issues and internal complaints are mitigated
with participation of all the employees
 Following of company guidelines, rules and regulations
by the employees

References
 Nielsen, R. S. (2015). CS651 Computer Systems Security
Foundations 3d Imagination Cyber Security Management Plan
(No. LA-UR-15-21507). Los Alamos National Lab.(LANL), Los
Alamos, NM (United States).
 Carcary, M., Renaud, K., McLaughlin, S., & O'Brien, C. (2016). A
framework for information security governance and management.
It Professional, 18(2), 22-30.
 Collingwood, L. (2017). Privacy implications and liability issues of
autonomous vehicles. Information & Communications Technology
Law, 26(1), 32-45.
 Governatori, G., Hashmi, M., Lam, H. P., Villata, S., & Palmirani, M.
(2016, November). Semantic business process regulatory
compliance checking using LegalRuleML. In European Knowledge