An organization's security plan forms the foundation for how information is handled and kept secure. A successful security plan consists of the policies that reflect business needs as well as information for employees on their responsibilities. It also must establish policy for monitoring the plan, and the plan must fit the organization's culture. First and foremost, you must determine the security topics to be covered, based on a thorough evaluation of potential vulnerabilities, in order to develop a truly comprehensive and effective security plan.
For this Discussion, you will evaluate potential topics to include in a security plan. Make sure your evaluation includes any topics that need to be included for specific problems and breaches.
Examples for topics:
- Laptop security while traveling
- Doing business on your home computer
- Visitor control
- Social engineering training
- Employee web usage
- E-mail/spam control
- Building evacuation policy
- Personal computers/drives at work
- Smartphone policy
- Protection from computer viruses
Post your 350- to 500-word evaluation. Make sure that it includes at least two topics you consider critical to a security plan. Explain why these topics are critical, and provide real-world examples that illustrate situations in which these topics have been successfully incorporated into security plans. If real-world examples cannot be found, offer your own examples of how your ideas may be executed.