Pulling it all together – Social Engineering Security Policy

profilespiro117
w5.docx

Consequences of Policy Violation

Importance of Compliance

The employees will benefit significantly from the policy. It will provide them with measures that they can rely on to conduct functions in the organization without the fear of being attacked by an imposter. The policy will offer estimates on how employees can recognize hackers attempting to steal their information. The employees will be able to protect the information and data that they are using and collecting on behalf of the organization and, at the same time, protect the technology they are using. As a result, every employee will enjoy operating their devices in a safe IT environment full of supportive colleagues with whom they can work together to identify fake personas trying to steal information from them (Chen et al., 2015). Consequently, studying the guidelines and materials that the company will supply to the staff regularly will enable the employees to stay up to date with the changing criminal trends while allowing the employees to understand the reasons why the organization has implemented various procedures and practices. This is important in developing cohesiveness, which ensures that no employee will be left behind.

Consequences of Failure of Compliance

Failure of an employee to comply with the guidelines acquainted to them during the training will result in disciplinary actions, which can add up to termination of employment depending on the extremity to which the employee has violated the policy (Hu et al., 2011). Also, the disciplinary action will extend to legal measures implemented for the different violations that apply to various laws such as GLBA. Therefore, compliance with the company's social engineering policy will be enforced through inspection, oversight, corrective actions, and disciplinary and administrative measures.

Possible Ramifications

Failure to comply with the organizational policy will attract numerous ramifications that will affect both the employee and the organization at different intervals. The first ramification is that the organization will have to face lawsuits for confidentiality breach agreement with the employees. The business owner will be forced to compensate for damages committed after the employee's identity was stolen, involving large sums depending on the data disclosed. Hacking information revealing the company's trade secrets by a competitor will cost the organization a lot as they will be on the verge of losing revenue and market share. After revealing this type of information to the competitor, the ramification for the employee will attract punitive damages.

Non-compliance consequences extend to the organization's loss of relationships and clients due to a damaged reputation, which will make it difficult for the organization to establish trust with present and future clients. This is devastating to an organization's sustainability. On the other hand, the employee who breaches the social engineering policy guideline might be blacklisted, hindering them from securing employment with other organizations. Another consequence for non-compliance for the employees will include employment termination and any other form of provision seeking monetary damages to be executed by the organization, which will affect the liability credibility of the employee both now and in the future. In other scenarios, the policy breach can be severe to attract criminal charges, which leave the employee on the verge of possible ramifications.

References

Chen, Y. A. N., Ramamurthy, K. R. A. M., & Wen, K. W. (2015). Impacts of comprehensive information security programs on information security culture. Journal of Computer Information Systems55(3), 11-19.

Hu, Q., Xu, Z., Dinev, T., & Ling, H. (2011). Does deterrence work in reducing information security policy abuse by employees?. Communications of the ACM54(6), 54-60.