Speaker
Description
Office of Atoms for Peace (OAP), the nuclear regulatory body in Thailand has gone through the steps and guideline provided by IAEA of conducting an effective information security policy which shall include (i) Analysis of organizational information especially sensitive information, (ii) Information classification, (iii) Information security policy framework design and implementation, and (iv) Sustainability of information security policy. Therefore, the OAP’s information security policy and plan has then been reviewed and updated in accordance with the Nuclear Energy for Peace Act (2017) and IAEA guideline. However, the reality shows that this information security policy (ISP) has not been used effectively throughout the organization. There exists some hindrances experienced by OAP staffs in implementing and sustaining the ISP. One of them is the incoming of new evolving threats and rapid advancement of technology caused the ISP to be revised and updated more frequently to take account of such threats. Moreover, poor communication between top management and employees regarding security policy and security culture is also an obstacle resulted in the ineffective policy. In addition, an effective integrated management system which help to ensure the confidentiality, integrity, and availability (CIA) of sensitive information, as well as a robust security culture and strong security awareness program such as security training, qualification program, etc. are key factors for better sustaining the policy.
State | Thailand |
---|---|
Gender | Male |