Академический Документы
Профессиональный Документы
Культура Документы
Micah Geertson
CSOL 540
10/25/2019
Assignment:
Implementation, Enforcement, and Compliance Plan
Assignment: Implementation, Enforcement, and Compliance Plan 2
Table of Contents
HIC, Inc. Implementation, Enforcement and Compliance Plan ............................................................ 3
Introduction .................................................................................................................................... 3
Monitoring and Logging................................................................................................................ 3
Communication .............................................................................................................................. 4
Training .......................................................................................................................................... 4
Assignment: Implementation, Enforcement, and Compliance Plan 3
Communication
Current policies and changes to these policies will be made available to all HIC, Inc.
employees, contractors, and business associates. It is up to leadership in each business unit to
ensure that direct reports are aware of, and understand the implications of each and every
security policy in effect at HIC, Inc. Guidance for the dissemination of these policies will be
provided by the Compliance Officer. By ensuring adequate understanding at every level of
operations, the company will be able to reduce the risks posed to both HIC, Inc. employees and
customers.
Training
Each HIC, Inc. employee will be required to attend security awareness and policy
training to ensure both a general understanding of all HIC, Inc. policy and the security
implications associated with user actions upon onboarding. Training will be conducted in a
modular fashion and include (but not limited to) training around data handling, security threat
knowledge, information security, and applicable laws. Mandatory annual refreshing courses will
be conducted through Computer-Based Training (CBT) and be credited upon successful
completion of each CBT. Failure to conduct initial or refresher training will result in loss of
access to company assets and networks. Continual lapse in training will result in notification of
the Compliance Officer and disciplinary action up to and including termination of employment
from HIC, Inc.