Information sensitivity and protection of data Essay

Information sensitivity and vindication of data - Essay ExampleIt is important beca single-valued function organizations policies in some ways reflect the underlying conclusion and values. Modern organizations instill performance and cultural values much(prenominal) as mutual trust and trustingness as an integrative mechanism (Fairholm & Fairholm, 2008 pp.103-104) rather than exercising sheer authority and control (Masters, 2005 p. 271). Mayo arse (referred to as Mayo in rest of paper) outlines a guidance oriented policy. In contrast to Mayo, Beth Israel Deaconess (referred to as Beth Israel in rest of paper) has a strongly authoritative tone in outlining its policy with strong worded phrases such as Users have no expectation of personal privacy of any kind related to their use compared with contents will not be monitored, observed, viewed, displayed or reproduced in any form by anyone other(a) than the sender or recipient unless particularizedally let by an officer in Mayo f or the akin purpose. Georgetown University (referred to as Georgetown in rest of paper), on the other hand, presents a matter-of-factly and exhaustive policy covering some(prenominal) aspects of security separately. Amongst the three policies, Mayo was found to be the most well structured and easier to follow with intersect referencing links leading to further details, such as local implementations or human resource policies, for specific areas where needed.Some of the common themes followed in each policy are confidentiality, integrity and availability of information. These themes are in any case recognized by NIST as foundations for an information security policy (Ross et al, 2007 p. 4). At a specific level, responsible use of resources, data access control and physical security are found common in all three policies. While these themes are covered in each document, the way they are utilize and enforced is different. For example, in terms of confidentiality, Mayo clearly and concisely describes how information is to be accessible to authorized personnel at authorized