4. • 4
Policy
• A policy is a plane or course of action that conveys
instruction's from an organizations senior management to
those whose make decision's take actions and perform
other duties.
• Policies are organizational laws in that they dictate
acceptable and unacceptable behavior with in the
organization .
• Like laws policies define what is right what is wrong what
the penalties for violating policy and what the appeal the
process is .
5. • 5
We have to understand few more concept for how policies are
help full in the growth and betterment of organization
• Standard
• Practice Procedure and guidelines
6. • 6
Standard
• Standard are more detailed statements of what must be done to
comply with policy
• Standard may be informal (organizational culture) as in de
facto standards or standard may be publish scrutinized formal
ratified by a group as in de jure standard .
7. • 7
Practice procedure and guidelines
It explain how to comply with policy is efficiently
8. • 8
Policy formation
It is process of creating developing and establishing policy within organization
these policies serve as frame work to guide employs management and
stakeholders in making consistence and compliant choice in alignment with the
organizations goals and values.
9. 9
Policy Enforcement
It is a process of ensuring that organizational policies rules and regulations are
adhered to by individuals employs and stakeholders with in the organization
Effective policy enforcement is a fundamental aspect of a governance risk
management and complains(GRC) and place crucial role in maintaining ethical
behavior security legal complains and over all well being of an organization.
10. 10
Policy enforcement applied by three steps
Manual policy
enforcement(boards)
• Governance boards
• Governance
processes
• Governance reviews
• Manual
enforcement
processes
• Policy statement
and guidelines
Tech-assisted enforcement
(processes)
• Collaboration tools
• Virtual board meetings
• Process automation and
work flow
• Governance portals
dashboards and
communication tools
• Communitive
governance process
with collaboration's
tools
Automated policy
enforcement (technology)
• Web services MGT
platforms
• Services register
• Security appliances
and infrastructure
• Reliable messaging
and intermediaries
• Policy engines
• Network
infrastructure's