ArticleBiz.com :: Free article content
Authors: Maximum article exposure. Publishers: Reprintable article content.
BROWSE ARTICLES
ArticleBiz.com Home
Featured Articles
Recently Added Articles
Most Viewed Articles
Article Comments
Advanced Article Search
AUTHORS
Submit Article
Check Article Status
Author TOS
PUBLISHERS
RSS Article Feeds
Terms of Service

Is Your Company Security Policy Worse than Worthless?
Home Business Management
By: George Babnick Email Article
Word Count: 976 Digg it | Del.icio.us it | Google it | StumbleUpon it

  

One of my earliest cases as a private investigator involved a chain of auto repair shops where managers at some shops were suspected of pocketing cash payments from customers. The owner also suspected that some employees were sneaking into some of the shops late at night after the business was closed and were using company facilities, tools, and diagnostic equipment, to work on friend’s cars.

My investigation involved posing as a customer, hidden cameras, targeted surveillance, and some forensic computer analysis. At the conclusion of the investigation I was able to establish that more than one shop manager was routinely pocketing cash payments from customers and in addition to using the shop in the evenings after business hours to repair friend’s vehicles, one manager was running a late night under-the-table car repair business using the company’s facilities and equipment.

One of the suggestions I made to the owner was that he should add some protocols to the company’s security policy about how managers handle cash payments from customers and also include some rules about after hours use of shop facilities and shop equipment. To my surprise, the owner said his company had no security policy. At the time, I was surprised. But since then I have discovered more and more small businesses (even some medium sized-businesses) that have no written security policy. Of those businesses who actually had a written security policy, many had not reviewed or updated their policy in many years.

The importance of every business having a SECURITY POLICY.

Very few businesses in the United States are mandated by law to have a security policy. Establishing a security policy is not likely to solve security problems but it is an important starting point. A well-crafted security policy provides a framework for identifying security risks and outlines how the company plans to protect those assets. It is also an unequivocal announcement from management that the company has a serious commitment to security and is a way for the company to commit to taking steps to secure assets and keep personnel safe and secure.

Often security policies are a mishmash of rules and procedures, guidelines, and maybe some standards, all rolled helter-skelter into one document and called a "Security Policy." There is a difference between policy, guidelines and rules, and procedures, and these distinctions are not just academic.

In brief, policies are overarching principles from management and are meant to establish a tone and influence behavior. Standards are levels of quality or achievement and typically involve industry "Best Practices." Guidelines are statements meant to guide behavior. Rules tell a person what to do or not to do in a specific situation. Procedures are a fixed way of doing something.

Rules and procedures are important parts of a well-crafted security policy, but the policy must come first. Standards flow from the policy and guidelines and rules flow from the standards. This is followed by procedures.

Page 1 of 2 :: First | Last :: Prev | 1 2 | Next

George W. Babnick, is a 34 year law enforcement veteran from Portland, Oregon with an extensive background in physical security and criminal and administrative investigations. He is the editor of a blog devoted to physical & personal security issues and a licensed Private Investigator in his home state of Oregon. He can be reached at: www.physicalsecurityonline.com and www.babnickandassociates.com.

Article Source:
http://www.articlebiz.com/article/1051640086-1-is-your-company-security-policy-worse-than-worthless/

This article has been viewed 635 times.

Rate Article
Rating: 5 / 5 stars - 4 vote(s).

Article Comments
There are no comments for this article.

Leave A Reply
 Your Name
 Your Email Address [will not be published]
 Your Website [optional]
 What is one + six? [tell us you're human]
Notify me of followup comments via email


Related Articles


Copyright © 2019 by ArticleBiz.com. All rights reserved.

Terms of Service | Privacy Policy | Contact Us | Submit Article | Editorial