SECURITY POLICY FRAMEWORK
A security policy framework is a combination of high standardized strategies or goals that mainly affect security at a high level. The SFP is mainly used by security firms, governments, industries, companies and also firms. These policies are very essential n many programs in running the system affairs in many ways. The security policy framework has elements that need a lot of attention to make it (Ismail, Widyarto, Ahmad & Ghani 2017).
The first element of the policy is the sole purpose of the policies created. This entirely depends on the party that established them. Through this purpose, the whole idea of the policy is established and determined at better efforts. The next element is the audience for the policy. This entirely depends on the purpose of the policy. The audience is entirely the sole purpose to be used by.
The third element is information security goals and strategies. This is to encourage the management personnel to get into a well added up objectives for the goals and security. Information security focuses on confidentiality availability and integrity (Safa, Von Solms & Furnell 2016). These are the core objectives that should be emphasized. The fourth element is the authority plus access to the control policy. This includes who has access to the controls of the framework and its authority.
The fifth element is the classification of data. The policy should always be able to classify data in many ways such as secrete and public. This can, in turn, make the usage of data easier. This can increase the privacy of data at bigger and better heights. The next element is if the policy supports data and its operations. This includes data protection, backups, and movement of data. Another element is creating security awareness and behaviour. This is also very key. The framework is very useful in fact in many ways and embraced largely.
REFERENCES
Ismail, W. B. W., Widyarto, S., Ahmad, R. A. T. R., & Ghani, K. A. (2017, September). A generic framework for information security policy development.
Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model in organizations. computers & security.