Asda will have different types of information. Some of their information will be more important than other information within the organisation.

Asda need to ensure that the organisation receives the information it requires and that only their appropriate employees receive the information. Asda need to make sure that their information is handled properly so some policies and procedures have to be put in place. These are the following headings:•Security of information•Backups•Health and Safety•Organisational policies•Business Continuance plans•CostsSecurity of information Information needs to be secure for a business so they usually would keep their important information stored in digital format. Information security management deals with digital data. Large businesses need to make good business decisions all the time so it is important that they are able to access their important information wherever and whenever they want, so this is why large business would usually use IT systems to store their information, but as the reliance on technology increases, so does the risk posed by the system failure and malicious attacks.So businesses IT policies should take into account of the frequent dangers to their information the business relies on.

This relates to Asda as they have secure login identification, so when an employee from Asda logs onto the computer they needs to put their unique username and password and they will be able to access all their they are authorised to access. Asda may also have firewalls on their system to stop hackers getting onto their own personal network. Software Asda would consider is antivirus. This stops Asda’s system from getting viruses. Asda would need to ensure that if there is an update for this software than they go forward with it, as this will give their systems the best protection from viruses.Backups Many large businesses will have developed business continuity programmes, these are to try and lower the chance of losing their important information that is saved onto a computer.

Asda will have backups of their important information stored on hardware. This is because if their software on their machines are accidentally wiped then all their information is not lost as it will still be safe and stored on the hardware. Asda will also have backups running through their systems all day long. They will have automatic backups that could take place at least once every hour, this ensures that not all work is lost only work that has been done in the past hour.Health and SafetyBusinesses need to be aware of the dangers of their colleagues using ICT equipment if their using them every day.

The slightest tilt of the monitor can be said to be a health issue. If an Asda employee were to sit at a desk staring a computer screen all day Asda need to ensure that the colleagues do not have bad posture, any incorrect positioning of equipment and susceptibility to repetitive strain injury as these are seen as a health and safety risk and Asda need to take these seriously. Asda need to carry out regular workstation assessments to make sure that all employees screen are at their right level.When it comes to staff training in Asda, the company need to ensure that all employees and new colleagues are made aware of the health and safety issues within the business. If a new piece of equipment or machinery is introduced to the Asda stores, the organisation needs to train their staff on how to use them properly for everyone’s health and safety.

Asda need to stick by the rules and regulations to legislate the use of computer equipment. These are:•The Health and Safety (Display Screen Equipment) Regulations 1992•Management of Health and Safety at Work Regulations 1992•Provision and Use of Work Equipment Regulations 1992•Workplace (Health, Safety and Welfare) Regulations 1992Organisational policies Organisational policies are policies that are in a business. They are rules and regulations that are needed and also need to be clear within the work place. These policies ensure that decisions affecting staff are:•Understandable and consistent•Meet legal requirements•Take full account of their impact•Contribute to productive working relationships An example of this would be an Asda employee breaking the Data Protection Act, e.g. employees having lack of concentration when sending an unauthorised email to another employee.

This email could contain a lot of important information and the employee may have sent it to someone that should not have seen it. Or the email could contain personal information that isn’t for anybody else’s eyes.Business Continuance plansThis is where businesses like Asda would have plans of what they would do if the worst case scenario where to happen. This would relate to Asda as they would have regular backups on their systems every hour to make sure that not all work is lost if something bad were to happen. Asda would have to think of all the possibilities and even include natural disasters such as flooding, fire or human error, accidents like human error or malicious attacks which would be hackers and people trying to breach Asda’s security systems, so Asda would need to ensure that their employees are saving their work onto their own central server rather than the employees personal hard drives.Costs Most businesses would like to take into consideration all the ways of protecting and securing their company’s information, but some ways of securing information can be quite costly and some small business cannot maintain their information because of the price of doing so.

As Asda is a big business they are able to keep their information secured easily but for smaller businesses deciding how to protect their information, they would need to consider the costs of doing so versus the benefits to the business. Asda would need to consider if they need to purchase any new equipment or employ any additional staff for the information to be stored. They would also need to consider the costs of development.