vault backup: 2022-09-21 12:39:30

2025-12-27 14:54:05 -06:00 · 2022-09-21 12:39:30 +12:00 · 2022-09-21 12:39:30 +12:00 · 360b21f0a5
commit 360b21f0a5
parent b28185e61b
1 changed files with 47 additions and 0 deletions
--- a/content/notes/14-policies-standards-practices.md
+++ b/content/notes/14-policies-standards-practices.md
@ -0,0 +1,47 @@
+---
+title: "14-policies-standards-practices"
+aliases: 
+tags: 
+- comp210
+- lecture
+---
+
+# news
+- apple securit flaw for iphones ipads and macs
+- chrome patch actively exloited zero day
+- github blighted by researcher who created thousands of malicious projects
+- russian cyber attacks of lockheed martin
+	- armed forces hack into HIMARS
+
+# Policies
+Defn: a plan or course of action to influence and determine decisions
+
+- high level rules regarding operations of organisation
+- policies state the management intent and will
+- governments, businesses, political parties, universities etc
+
+provide roadmap for day-to-day operations
+- organisation internal law
+	- also comply with actual law
+- important for resolution of legal disputes
+	- provide accountability
+	- can protect org and employees
+- ensure consistency
+	- dont often change or deteriorate when staff changes
+- evidence of quality control, internal audits etc
+
+## good policies are
+- disseminated
+- read
+- understood
+- agreed-to
+- uniformly enforced
+
+# Procedures
+Defn: step by step descriptions of what employees must do to achieve a certain goal (as specified by a policy)
+
+- must be kept separate from policies
+- keeping them together will create a complex document that will (likely) not be read
+
+![policy and procedure p](https://i.imgur.com/rdQaLkh.png)
+