Corporate Security Policies and Procedures

Corporate Security Policies and Procedures

Post by Jim Wamsl » Fri, 29 Jul 1994 03:48:17



We are presently involved in redefining our information
security policies and procedures.  Because we are an
international company, with a number of subsidiaries,
and partnerships with other companies, we need to
develop a program that is some what flexible under
various conditions, yet has some consistency.  

Part of our dilemma is that parts of the company are
rather autonomous.  this can present problems when
issues may require a centralized solution.  We are
sure that other companies have experienced similar
issues.

I will not insult this group by asking if people will
send copies of their policies.  First, there is probably
little to be gained from that.  Second, nothing can
be learned by copying someone else's plan.  you have to
know what is going on in your own house.  Third, your
security policy is  or should be treated as your own
intellectual property, regardless of where you found
the ideas that formulated it.

I would like to ask some background information, that
we can present to management that will show them how
companies deal with security.

As a point of reference, StorageTek is a Fortune 500
company manufacturing information storage and retrieval
systems for mainframe, mid range and networked systems,

Are you an international company?

Approximate number of employees:

Approximate number of sites/offices:

Do you have a fromal network electronic security program?

Is it centralized or decentralized management?

Do you have a corporate policy covering electronic information security?

How are electronic data security issues communicated to all areas of
the company that might be impacted?  (i.e. is there a central point
for analysis and distribution of information?)

How are policy issues resolved

How are technical issues resolved

Is your program based in specific 'must do it this way' or is
it based more on guidelines?

Does your company use a standard platform throughout or does it
look like the show room at CompUSA?

All informatio received will be held in confidence.  answer only
those questions you feel are appropriate to disclose.

thanks

 ______________________________________________________________
[ Jim Wamsley, Postmaster, Hostmaster, Newsmaster, Ringmaster  ]
[ StorageTek 2270 S. 88th St, M.S. 4379, Louisville, CO 80028  ]

[                                                              ]
[ Everything To Excess - To enjoy the full flavor of life take ]
[          big bites.   Moderations is for monks!              ]
[______________________________________________________________]