The primary objectives of Information Security Policy are to:
ISMS processes and controls shall be integrated with the organization’s processes and it shall be ensured through defined roles and responsibilities. User (employees and third party suppliers having access to SRM Accounting’s systems and information) shall be responsible to update themselves through awareness and internal training program on ISMS policies & procedures and ensure compliance to the same in their respective areas of responsibilities.
The effectiveness and efficiency of the ISMS shall be reviewed on continuous basis to ensure set objectives are met. SRM Accounting shall develop its monitoring and measurement process enlisting.
Employees shall follow the ISMS policy instructions through procedures, standards and guidelines. All employees shall report security breach incidents, software malfunctions and security weaknesses as per the directive available in the ISMS policy and Security incident management procedure document. Employees are responsible to update themselves through awareness and internal training program about various ISMS initiatives, take active participation and help ISMS team to comply with ISMS controls successfully. Employees shall not tamper with security controls implemented by SRM Accounting. ISMS Policy Manual and Acceptable IT Usage Policy are applicable to all employees, third party personnel and subcontractor, who needs access to SRM Accounting assets (facilities, information, systems etc.). This document with approval from management reflects the INTENT, COMMITMENT & SUPPORT at the executive management level of Organization’s Management forum for successful implementation of Information Security Management System in the Organization.
Social networking sites are online virtual community on the internet sharing common interest or common attributes (like organization, friends, technology domains etc.). Some of the popular social networking sites are Facebook, Twitter, Yammer, LinkedIn, Flickr, YouTube, etc. These sites are gaining popularity and been used as efficient tools for knowledge sharing or opinion sharing on a subject or interest. However, improper use of these will lead to information security breach resulting into reputational or information loss. Some of the websites are blocked on SRM Accounting’s Internet Gateways & access is granted to users only with appropriate business justification and approval from relevant authorities.