This website uses cookies to ensure you have the best experience. Learn more

Policy And Compliance (Tracey) Essay

2173 words - 9 pages

Policy and Compliance (Tracey)
Organizations develop regulations, standards and practices for securing their data. These standards enforce access security practices and policies set forth by government agencies and adopted by organizations, of these include DoD and National Security Agency. (Goodrich & Tamassia, 2011). By implementing these standards, a company or agency may be allowed to store and transfer sensitive content. Of these government regulations and standards includes; Federal Information Processing standardization (FIPS) 140 which is a set of standards requiring cryptographic modules used by government organizations. (Goodrich & Tamassia, 2011). National Institute of Standards and Technology (NIST 800 series) is based on a standard practice of computer security policies, procedures, and guidelines, which maintains cost effectiveness and efficiency. Other standards include Health Portability and Accountability Act (HIPAA), a standard for healthcare providers and employers to maintain patient privacy and Protected Health Information (PHI) which sets a standard for protecting personal information.
Data protection and access controls are applied as part implementing government policy regulations, this will address privacy of data concerns noted by Jacket-X employees. As a publicly traded company, Jacket-X must also adhere to SOX regulations.
Observations (Tracey)
Jacket-X has grown, and in an effort to keep up with growing demands and the need for increased security they are now implementing an identity management system, however this has raised concern over privacy for their employees. (Cyberspace and Cybersecurity: Interactive Case study II). Jacket-X recently recently became a publicly traded company, therefore must adopt policies and practices as well as a financial management system that is SOX compliant. It is also noted by leadership that there is a concern over business process focusing too much on security, which will obstruct productivity.
As discussed in the previous section, Identity Management and privacy and protection of data issues were noted, as such a new system is being stood up and various vendors are being reviewed. The HR department also discovered issues with payroll last year, though there was no evidence of fraud. (Cyberspace and Cybersecurity: Interactive Case study II). During the assessment, various security policy weaknesses were discovered which will be discussed in more detail in Privacy and Protection of Data sections below.
Sarbanes-Oxley (SOX) (Tracey)
Established in 2002 by congress, Sarbanes-Oxley (Sox) was established by Congress in an effort to sustain ethics and integrity in the financial industry to gain confidence of the public in direct response to the corporate Enron and WorldCom and immediately following, Adelphia and Tyco scandals. (Orin, 2008). Section 404 pertains to earnings, quality and internal control, international investments, and investor and public...

Find Another Essay On Policy and Compliance (Tracey)

Coding Compliance Plan Essay

2111 words - 9 pages entire organization would typically listed as to who must comply with and follow all aspects of the given policy. Procedural compliance – This is where you communicate to the affected individuals how they are expected to behave and act in the described scenario within the policy. Preferred behaviors – This is where the policy will describe and explain exactly what a staff member should do in the situation described by the policy. This will give all

Project Safe Neighborhoods Essay

1197 words - 5 pages and felons about gun violence is Project Exile. Project Exile took place back in 1997 in Richmond, Virginia and is known for their policy as being neoclassical. Project Exile was a launching pad for Police Departments to see the effectiveness of educating those about gun violence and showing those the seriousness of committing a crime with a gun through deterrence. Project Exile wanted to make sure felons were aware of the Federal Statutes

Mitigating Computer Misuse at Work

1868 words - 7 pages of an enterprise, and a majority of internal threats are relating to individual’s unsafe operation on computer. Therefore, it is necessary for organizations to optimize system security by implementing a rational measure to moderate individual’s unsafe behaviour on computer in workplace. Employees, who play a key role in security protection, need to be helped increase compliance on information security policy. This essay will discuss which is a

Human Resources Compliance and Ethics

1141 words - 5 pages employees to take prolonged, unpaid leave for family- and health-related reasons without fear of losing their jobs, (Byars & Rue, p. 49).Human Resources compliance with regulationsFor years, HR has dealt with many compliance issues such as employment discrimination, harassment, wage and hour standards, immigration, workplace safety, and employee privacy. Compliance with NEC corporate policy is subject to the requirements established for all

Best Practices Policy Making

1236 words - 5 pages particular regulations, on specifying objectives and defining compliance, and explaining the causes of potential policy failures. “(2) Issue framing” is the means of informing and influencing the policy target groups and other stakeholders. That is why the language, the arguments and the communication attributes have a key role in gaining compliance. Social sciences can provide policymakers and high-level decision-makers with information

Tax system definition

1248 words - 5 pages value, transactions (transfers and sales), licenses granting a right, and/or income (Gerald and Kathleen, 2005).New Zealand tax systemNew Zealand is a country that enacted a tax law for long period, according to the government information, it has increasingly become complex since the first income tax issued in 1891 ( New Zealand tax system imposes the economic costs with three components, which are compliance costs


799 words - 4 pages , it does not normally address the broader sets of privacy and security risks associated with. MRM works beyond traditional practices of MDM to address: • Monitoring and configuring of security settings, platform integrity and policies • Protection of devices from security breaches non-compliance situations, and data loss • Managing and deploying corporate apps, documents and data securely • Mitigating the risks of devices that are operating in a harmful environment or a compromised state • Reporting and monitoring on policy and regulatory compliance

Software and Hardware Companies: Oracle NZ Ltd

1348 words - 6 pages respect your preferences concerning the treatment of Personal Information that they may collect. This policy lets you know how they collect and use your Personal Information and data, how you can control its use, and describes our practices regarding information collected from the different oracle sites that link or refer to this policy (such as their websites, computer or mobile software applications, social media pages and HTML (Hyper Text Mark-up

Implementation of a Corporate Governance Plan

2209 words - 9 pages violations. Regular comparison of the organization's current conflict-of-interest policy with industry regulations, review of recent government filings, and evaluation of Riordan's current compliance program will help to avoid potential future compliance violations (Warda, 2006).Riordan must ensure corporate compliance by use of detective control. This control will enable the company to detect compliance violations which have occurred or represent

Television and Modern Technology Censorship

2597 words - 10 pages young from the indecent material that is viewed on aired. The war on censorship is a huge importance on today’s generation because of the information and images that are being exposed to the younger generation. The importance the FCC has on children shows are to the extreme because of the influence it has on the minds of children. In 1974 the Children’s Television Programs: Report and policy Statement by the FCC came into effect (Silverman 18

The Army and Environmental Compliance

1682 words - 7 pages readiness and relevance. As a direct result of positive environmental stewardship, inclusion of environmental compliance enables the Army to provide continuity of operations while protecting the environment. United States Environmental Policy The modern day involvement of the United States Army’s responsible environmental stewardship began over 40 years ago and continues unabated today. The catalyst was the National Environmental Protection Act

Similar Essays

Tax Compliance Cost An Important Aspect Of Tax Policy

1440 words - 6 pages Tax compliance cost has become an important aspect of tax policy. This is because of its connection with the tax compliance and the government revenue in turn. Unnecessary burden of compliance cost either on individual or business taxpayer may have negative effect on the tax compliance and eventually reduction in the tax revenue. Tax compliance cost is one of the determinants of tax compliance behavior. Unnecessary high tax compliance cost

Risks Of Noncompliance In Corporate Governance

3796 words - 15 pages current conflict-of-interest policy with industry regulations regularly, reviewing recent government filings, and evaluating the company's current compliance program. If these control steps are proactively taken regularly in the organization, the company will have taken preventative steps to avoid a potential future compliance violation (Maltz, 2003).The second control procedure that a company must take to ensure corporate compliance is a

Corporate Compliance Report & Corporate Compliance Benchmarking

1655 words - 7 pages controls include developing guidelines and responsibilities to conduct reviews of ethics policies, conflict-of-interest procedures, and updates in corporate compliance procedures that will protect and position the company to prevent a possible compliance violation. An associate of the company's preventative control measures include comparing the organization's current conflict-of-interest policy with industry regulations regularly, reviewing recent

Information Security Needs Proper Employee Behavior

1138 words - 5 pages behaviors to ensure that critical security policies and rules are followed. The discretionary nature of information security policy (ISP) compliance poses a challenge for policy makers. The latest research in behavioral information security The following research articles Benbasat, Bulgurcu and Cavusoglu (2010), Johnston and Warkentin (2010), Puhakainen and Siponen (2010), and Chen, Ramamurthy and Wen (2012) has focused on examining the beliefs