Hello, class, I was just thinking about not having rules in place for a website, I know I would not think about going there to do any type of business. I would not rest very well knowing that my personal information that is in someone else's hands that have not taken the proper steps to make sure that my information was secure in their database. Knowing what I know now, I would never visit that site. On a personal note, it has taken me a very long time to start buying things online. The biggest thing that I did not know at that time if it was is it safe. There are a lot of people that fill the same way now, how I felt years ago. As time passed and organizations put policies in place that will ensure that the data is kept safe from those who would take advantage of that information.
I once work for an organization that had little to no police in place and yes it did cause a problem. The organization staffed about 25 employees. The owner wanted to keep open door policies for the employees. When the system went down at three o'clock pm on a Thursday and it was down for the entire weekend. On the following Monday, that is when the problem was found and what was the cause was. Someone accepted an email from someone that was in the personal email account. Then and only then is when policies when it to place about the personal use of the organization's computer use.
The owner had to find it out the hard way. How not having policies in place will affect you in the worst way and mostly at the wrong time. If policies were in place before the organization went down. Yes, it all could have been prevented.
I would have to agree with Leishla Perez-Perez that organizations have to know what their needs are so a risk assessment is one key factor in planning for organizations policies and planning accordingly to what those needs are and put them in place. Organizations should test their organizations policies to ensure that nothing is overlooked.