Operational Management Policies (Coursework Sample)
Using the resources provided and the project description, complete the policy template that you created in Unit 3 to draft operational management policies appropriate to cover the functional areas related to operational management for the project organization.
Ensure that the following information is covered in the policy language proposed:
Factors that are included within the scope and range of operational management security policies.
Roles and responsibilities that are involved with the various activities included in the policies.
Elements of a communication plan that will be used to support the creation of these operational management security policies.
Application of contextual characteristics specific to the project organization.
Policy noncompliance procedures and penalties
Operational Management Policies
Operational Management Policies
Fundamentally, for the High Class Healthcare facility to integrate security goals, the firm managers, directors and security heads must operate efficient programs. Operating protecting programs in such dynamic institution is not easy. Hence, operational management policies have to be created, implemented and maintained by High Class Healthcare facility (Johnson, 2015). Comparatively, assets protection is an essential factor towards the continuity and success of the firm. Consequently, senior ownership and management of the High Class Healthcare will hugely introduce operational management policies in protection of its assets.
The implementation of operational and management policies by the High Class Healthcare Management Council is important in ensuring the integrity, confidentiality, protection and security of assets, information and data of the firm. The objective of these policies is to highlight the requirement for the secure and correct application of the Healthcare physical and information generating equipment’s with the purpose of data and information protection by implementation of sufficient OMP (Operational Management Policies) in regards to ISO 27001 standards (Humphreys, n.d.). All aspects of operational management policies are covered by the ISO 27001 standards.
The scope of this policies applies to all partner agencies, vendors, contractors, elected members, employees and departments who utilizes the organizations resources or who holds different roles in the maintenance/management and development of data within the organization. Besides, applies to all the data and information processing systems of the High Class Healthcare.
In order to manage and maintain the Healthcare’s ICT data and information, the organization is required to establish and implement operational policies and official procedures comprising significant documentation to secure the availability, operations and maintenance of Information Technology Resources and information facilities (Partida & Andina, 2010). Information assets of the High Class Healthcare like the network infrastructures and unauthorized communication access, misuse, corruption and destruction are considered.
High Class Healthcare is supposed to implement the following operational procedures for managing different system events associated with the information access and information processing facilities:
4.1 Network security management
The protection and management of communication network and data is essential to ensuring the security and the integrity of the Healthcare’s data and systems. The following controls are significant:
* Networks operational responsibilities should be isolated from the operational activities of the computers.
* There must be procedures and responsibilities for the management of the remote devices and the users.
* Mitigations like encryptions must be set in place to secure information transition over the networks.
* All networks connections outside the Healthcare like the internet, must be secured against common threats, with firewalls that eliminates outgoing and incoming network traffics.
* All the organization computers connected to the Healthcare network must have appropriate configured host-based firewall for the protection requirements of the stored data classification and information systems.
* The configurations of the host-based and network firewalls on the Healthcare’s information systems must be periodically audited to confirm the effectiveness of the security requirements of the information system.
* The architecture of the network should be documented and kept with configuration controls of all the software and hardware elements that constitutes up the network. Wireless networks must adopt controls to secure the information passing over the network and deny unauthorized access. Encryptions must be applied on the network to secure data and information and information interception prevention.
4.2 Audit logging management
Logs access must be secured from the unauthorized access that could lead to the stored data being deleted or altered. The organizations system administrative personnel’s must be denied from deactivating or erasing logs of their own events. Log access should be available for the purposes of the organizations internal auditing (Chuvakin, Schmidt & Phillips, n.d.). Regular checking of the logs is necessary for the Health care in ensuring right steps are followed. System administrators and operational staff must keep a log of their events. The logs should comprise the following:
* System activity start times and finish times and the person involved.
* Errors of the system and the corrective act taken.
* Timings of back-ups and exchange details of backup tapes
4.3 Security of Systems Documentation Management
All the information technology system documentation must be secured from unidentified access. All the documentations developed by the Healthcare’s ICT department must be protected. The following examples comprises some of the documentations that the Healthcare should protect including their detail descriptions:
* Authorization details
* Data structures
4.4 Security management
High Class Healthcare security policies and programs must be periodically checked and assessed for their continued effectiveness. The Chief Operational Management Officer must perform annual security audits and report the summari
- Importance of Sustainable Talent Management in an Organization Description: A strategic leader is supposed to have a good vision for the proper performance of his team. Employees achieve these traits achieved through educating the team on what the company what from them. The Southern Company leaders must influence their subordinates to perform well between and beyond the company's ...1 page/≈275 words| 7 Sources | APA | Management | Coursework |
- MBO Performance Appraisal for a Training and Development SpecialistDescription: For good and productive engagement with employees, they have to be precisely informed on what the employer expects from them and the parameters for high performance. One of the most efficient ways to develop employee careers is through performance appraisals. ...1 page/≈275 words| 3 Sources | APA | Management | Coursework |
- Comparing and Contrasting Charismatic and Transformational LeadershipDescription: People demonstrate multiple leadership styles depending on how they were mentored, the task at hand, and their personality traits. Regardless of these factors, every leader aims at becoming an effective leader. Most individuals find charismatic and transformational leadership some of the best leadership typ...3 pages/≈825 words| 3 Sources | APA | Management | Coursework |