IT or cybersecurity policy
Below is the message from my professor. Please follow this guidelines to work on my order.
“Based on your reading and on additional research on line, what are the major components of an IT or
cyber security policy? If you work for a company are you aware of what the policy is for the company?
Please describe it and if it corresponds to the reading or your research.
If you are only a student, pick either the school, a bank you do business with or other company whose
policy you can view and evaluate it.
CYBERSECURITY POLICY 2
Write a 2 to 3 paragraph synopsis of what you found and your analysis”
IT or cybersecurity policy
The major components of IT or Cybersecurity policy
The Cyber Security policy entails officially categorized rules which are to be followed by
all personnel allowed to access assets of a company’s information and technology system. It
serves to mainly inform the users of the system about their roles in ensuring the protection of the
assets. These users may include stakeholders, contractors or employees of the specific company.
The policies also entail the descriptions of the assets to be protected together with their threats. It
consists of the users’ responsibilities, the rules and the significant penalties following a violation
of the rules (Von & Van, 2013).
These assets consist of components such as the company’s email, the Central Processing
Unit, the website, the computer hardware, software applications and PC systems. The software
part of the system includes systems for database management, operating systems,
communication systems and the backup system software. These systems need to be handled with
caution for the confinement of the sensitive company’s information within the company. The
computer systems usually are classified into different security levels depending on their
sensitivities. These include red security level which entails the company’s confidential
information which need not be accessed by outsiders and if need to be used by company
personnel, the access keys should be used. The green level gives way for one to access the red
CYBERSECURITY POLICY 3
level. Finally, the white and black levels contain non-confidential though critical information to
the company and need to be accessed on permission (Von & Van, 2013).
The Bank of America is a developed firm and massively corresponds to the policy
components. It entails security setups to ensure all online transactions are preserved for the
respect of their customers. Each client is provided with instructions on how to manage their
online accounts and personal information. The security policy levels are also applicable both to
the staff and customers to ensure a high level of confidentiality (Von & Van, 2013).
CYBERSECURITY POLICY 4
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security.
computers & security, 38, 97-102.