NCJ Number
74171
Journal
Security Management Volume: 24 Issue: 12 Dated: (December 1980) Pages: 18,21-22,25
Date Published
1980
Length
4 pages
Annotation
This article describes a strong policy structure as the basis for an effective security program and includes a description of the structure, constituent parts, development, and functioning of a policy structure.
Abstract
The policy structure can be viewed as a three-level tree consisting of a top level that provides broad, general guidance toward a management goal; a middle level that sets standards, establishes needed uniformity, and identifies preferred methods and technology; and a bottom level that provides local or unit-oriented directions. The article lists some general rules for developing a good policy, including mandating critical actions such as the reporting of large thefts, and establishing prohibitions and exceptions. Key features of an effective policy are also listed. These include a brief statement of the end result desired for each major function covered; clearly defined critical prohibitions, such as prior approval of particular papers or public statements; decision rule frameworks allowing for local flexibility in determining compliance actions; and requirements that have the general consensus of senior managers at lower levels. Essential features of the policymaking process include the support of top management, review and comment by lower levels of the organization, and clear specification of the effective date. The functions of standards and procedures in helping develop the policy structure as a powerful and flexible management tool are also discussed. A chart of a policy structure's three levels is included.