Summary
Following the recent car-jacking of the head of the finance department on the 5th of July this year, critical information about our organization was obtained from the office laptop that the finance officer had with him. Consequently, our intern from the Department of Programs represented our organization at a security conference from 6th to 9th of July 2017 organized by the government, which discussed corporate security. This nation-wide security conference was held to address the state of the nation regarding security in the corporate world. This was explained to be due to the rampant cases of companies being hacked and the general rise in insecurity which is especially critical to companies. Insecurity, therefore, has become an
…show more content…
This training is a part of the strategy that was discussed as a way forward for the security of the nation which was addressed on the Security Conference mentioned earlier. The Department of Programs had a meeting to go over what transpired in that conference and decided to adopt the employee training suggested in our company. This is because the employees are the key target when people try to gain illegal access to a company.
This training will be on a regular basis since security evolves with technology. With the advancement in technology, people have come up with more advanced means of illegally accessing information. Physical security also has to be constantly updated since new ways of stealing have been devised. The training will, therefore, be done in phases, each time addressing a different aspect of security. Training regularly is a way of ensuring that the company keeps up a culture of security practices and stay up to date with the current technology.
Employees will be required to give feedback on the security training. Each departmental head will be required to submit a report to the department of programs on how their respective department will execute the proposed security measures once the training is done. This feedback will also include suggestions by employees on how to improve security. This involves how best the training can be carried out, the time, and the
* Set up training program for all employees on network security policies and any new changes to network security.
This training will begin with a four hour training session relaying these new practices to all employees over the course of a week. Thereafter there will be follow-up training sessions as management deems necessary to ensure that policy is being strictly adhered to.
An important part of this training will involve communicating key parts of the security policy so that employees will have an adequate understanding of potential threats and their remedy.
developing a training protocol for all personnel including mandatory continuing education and recertification in threat assessment, anti-terrorism tactics, and departmental procedures,
As such, our company’s people resources pose the greatest risk for security breach. Our way to help mitigate risk in this area is to keep communication lines open in this area and to continually mandate security knowledge training, with mandatory updates on a regular basis. When the employees are informed of company policy when facing a security matter, they are better equipped to act in the best or right way. In this way knowledge is power – or at least empowerment to act in the best interest of the company’s information security.
ITC Ltd.’s strategy plan for compliance with the current acceptable standards or norms relative to social responsibility today is well thought out, especially for a company that sells potentially dangerous products, and try to meet and listen to all demands and laws in place since the start of their business. Even though in 2014 a new bill was passed for the majority of companies to build accountability and also have the government looking over the private sector (Banerjee, 2013). “The CSR provision requires affected companies to spend at least 2 percent of their average net profits made in the preceding three years on CSR” (Banerjee, 2013). Even though this bill has caused a lot of uproar for companies, ITC has actually already been
Consider having a training session with your employees. This will help increase the value your employees place on workplace security while helping reduce any risk due to employee neglect.
Most corporate financing decisions in practice reduce to a choice between debt and equity. The finance manager wishing to fund a new project, but reluctant to cut dividends or to make a rights issue, which leads to the decision of borrowing options. The issue with regards to shareholder objectives being met by the management in making financing decisions has come to become a major issue of recent times. This relates to understanding the concept of the agency problem. It deals with the separation of ownership and control of an organisation within a financial context. The financial manager can raise long-term funds internally, from the company’s cash flow, or externally, via the capital market, the market for funds
Research Objective: The main theme of this research paper is to protect sensitive information that any organization or business possess. With community’s increasing reliance on information systems and technology there is scope for security breaches, more likely to happen. Not only monetary loss it can create damage to information assets that has sensitive data. To secure these assets from any internal or external damage organizations has to follow proposed rules and guidelines. Also security responsibilities
Which domain requires annual security awareness training and employee background checks for sensitive positions to help mitigate risk from employee sabotage?
While all of these technologies have enabled exciting changes and opportunities for businesses, they have also created a unique set of challenges for business managers. Chief among all concerns about technology is the issue of information security. It seems to be almost a weekly occurrence to see a news article about yet another breach of security and loss of sensitive data. Many people will remember high profile data breaches from companies such as T.J Maxx, Boston Market, Sports Authority, and OfficeMax. In the case of T.J. Maxx, a data breach resulted in the loss of more than 45 million credit and debit card numbers. In many of these incidents, the root cause is a lack of adequate security practices within the company. The same technologies that enable managers can also be used against them. Because of this, businesses must take appropriate steps to ensure their data remains secure and their communications remain
Between April 20th 2010 and July 15th 2010, BP's drilling rig explosion in the Gulf of Mexico was the biggest oil spill in the history of the petroleum industry. Eleven people died. # of days later and $ in fines, BP stopped the spilling of oil into the ocean. According to the U.S. Fish and Wildlife Service (USFWS) reported on September 17th, “in terms of land animals, at least 3000 have died, tens of thousands of others have been affected [including] millions of sea organisms [although] there is no accurate count”. Conversely, it is unlikely that other than those that have been directly affected can recall the amphetamine weight loss drug scandals between the 1960’s to 1990. For that matter, likely few are motivated enough to look up the
The American Society for Industrial Security (ASIS) is today’s main association of private security. The year of 1955 is considered the beginning of the modern age of security. Private security was needed everywhere, in hospitals, hotels, retail etc… as stated in (chapter 2, P.38) that ‘’ Retail establishments, hotels, restaurants, theaters, warehouses, trucking companies, industrial companies, hospitals, and other institutional and service functions were all growing and facing a serious need to protect their property and personnel’’. After the events of 9/11, private security agencies were required to play more roles in crime prevention. Private security agencies were required to review and standardize their method of training and to review the pay of employees. Lot of recommendations have been made to improve the education and training, above all the extension of training time.
At Paramount the unitary board exists, where according to the textbook, a unitary board is when a company has a single governing body (Tricker 2009). A non- executive director is defined as a person who is not involved in the day to day management of an organisation but rather in business tasks such as strategic planning, and monitoring of executive directors. An executive director tends to be more involved in the managerial aspects of the company.