Week 5 why need information security awarness traing

Information security awareness training is very important to the employes at the department of information security  to keep them up date with every aspect of security in life , also is helps the company with security matter , in my idea  training should be monthly to the employee, most of organization do it every 6 month or sometime due to the security problem . well, keep training and be knowable  should be the rules in the security department .

The goal is to provide training and awareness that will result in:

• Your company adequately protecting each customer's PII from inappropriate exposure or sharing
• Giving your customers the opportunity to indicate their contact preferences at the point where their PII is collected.
• Personnel's understanding that senior management is serious about protecting customer's PII, and that personnel who do not comply with security and privacy policies could face serious consequences, including termination.
• Customer PII not being used for any purpose that was not disclosed to the customer at the time of collection.
• Customers being able to opt out of any touch-point or service (such as a newsletter subscription or Web site), and ensuring that your personnel know the appropriate processes that must be in place to honor the decision.
• Ensuring you give customers information about what you are doing to protect their PII, how it will be used, and knowing how to give them choice for deciding whether to be included in your marketing databases.
• All your company email communications being opt-in, with very few approved exceptions for administrative contact. Mobile phone marketing and third party data sharing should also be restricted to opt-in. Postal and phone communications are typically opt-out, but it is a good leading practice to also make these opt-in.
• Protecting your customer PII by contract (written agreement) and compliance audits. 

  Reference:
New Books. (n.d.). Retrieved May 28, 2015, from http://www.infosectoday.com/Articles/Security_Awareness_Training.htm
Security Awareness: A Sound Business Strategy. (n.d.). Retrieved May 28, 2015, from http://www.nativeintelligence.com/ni-programs/whyaware.asp

week 3 why policy ?

Most of company has information security policey to help the organization to make clear for the employee the safity is important for them as emplyee and for the customers who trust the company as business .Morover, every company has to put think about three things when they do the policy
*policy never argue with the laws
* policy must be have room for cour if challenged .
* policy must be supported and adminststred.

Week 2 Value statment, Vision statment,Mission statment

To do any effective planing for the company , need to think of the three statments Value, Vision,  and Mission .
Value starment : what the organization can do and promise , in other word is the resons for the all company.
vision statment : is about what is the company goals in curnent and futuer, andis very important to be clear and has meaning value .
Mission statment : can define why the company there and who is target this company , is has to be more spesific and majrable .
Those are the three statment if they are defining in any orgnaziation ,they will be helping alot in the process of implementing , and keep the organization has meaning and value to be out there.

Week 1 , Managment and leadership

Most of us confuse about manager and leader, I think both  they have to go together in the same direction  lead the organization to achieve the goals. manager is the person who do the laws inside the organization due to the need of the organization and flow those laws , while the leader don't have  laws or rules to flow it , but they do thier rules acording to there need in place and time , also manager are do need alot of eduacation , due to the workplace , but leader don't need alot of education.
In my idea i think organization today need leader and managment to make the organization secuseed , also recommend that the organization can look for employee who are leader and then make him/ her managers that will help the organization alot specislly with group project .