Conclusion on implement security policy of an organization

Summing up all the discussion from above it is concluded that the information security is quite essential for any retail organization. In this report there is proper discussion about the risk management in the retail organization. They are involve in giving different services for the risk management in the organization. I must have to follow the IT polices in the organization and according to that I must have to upgrade the order processing software that can easily able to solve the problem of organization. How this retail organization first thing is to makes money, how the assets and employees help the business in making a profit and for the company what risk turn into a large monetary loss. The method which is used for identifying the risk assessment which affects the retail organization integrity and confidentiality the asset based approach is used. This organization also has to manage their hours quite efficiently, because there are two kind of hours store hours and business hours.

This company is struggling with IT technology risks. The risk management methodology is extremely important for the organization to manage their risk in efficient way. For that case the retail organization must have to organize proper risk management methodology in their organization. They have mentioned some important polices regarding information technology. But there are some drawbacks in polices due to this they are struggling with a lot of issues. As the amount of data for the organization increases so that according to that importance of data protection also increases. The IT head must have to implement this security policy on the paper and also every member of this organization have to read this statement. In the end there are some recommendation for the future.

References  of implement security policy of an organization

Alberts, C. J., & Dorofee, A. J. (2003). Managing Information Security Risks: The OCTAVE Approach. Addison-Wesley Professional.

Allen, B., Esq., CISSP, CISM, CPP, CFE, . . . MBCP. (2017). Enterprise Security Risk Management: Concepts and Applications. Rothstein Publishing.

David Kim, M. G. (2013). Fundamentals of Information Systems Security. Jones & Bartlett Publisher.

Douglas A. Ashbaugh, C. (2008). Security Software Development: Assessing and Managing Security Risks. CRC Press,.

Landoll, D. (2016). The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments, Second Edition. CRC Press.

Newsome, B. (2013). A Practical Introduction to Security and Risk Management. SAGE Publications.

Peltier, T. R. (2010). Information Security Risk Analysis. CRC Press.

Shen, A. (2009). Algorithms and Programming: Problems and Solutions. Springer Science & Business Media.

Syngress, Liu, D., Miller, S., Lucas, M., Singh, A., & Davis, J. (2006). Firewall Policies and VPN Configurations. Elsevier.

Vesalainen, J., Valkokari, K., & Hellström, M. (2017). Practices for Network Management: In Search of Collaborative Advantage. Springer.

Wheeler, E. (2011). Security Risk Management: Building an Information Security Risk Management Program from the Ground Up. Elsevier.