A supermarket is a business that is mostly a self-service shop with a very extensive variety of food products and household equipment. It is common to find the store in a mall since customers can purchase many goods in one place hence being convenient. With the supermarket being a relatively large business, it requires for there to be security policies to ensure that daily activities are done accordingly without any hitches. With the number of employees exceeding forty, it needs for there to be measures in place to facilitate security. Also, there being a considerable number of external personnel such as contractors, suppliers, and customers, it warrants the existence of procedures and policies to be followed to ensure high standards maintenance. Even in areas that seem friendly, it would be naïve for a business person to assume that all employees, management officials, and customers should be left unmonitored. The policies should, therefore, be in place as preventive measures for any hitches that may occur. Customer satisfaction with the aim of building the supermarket’s brand is also a reason for these policies since customers always like to associate with businesses that put a priority on customer security in addition to quality products.
An adequately defined security policy is one that protects people and information. It sets rules to adhered by dictating the expected behavior and determining the consequence s of violating the set rules. The different security policies for the supermarket are divided into different categories to facilitate the different audiences. The audiences include employees, suppliers, contractors, and customers. Some of the general security policies include:
Delegate your assignment to our experts and they will do the rest.
All company communications done internally should be done through memos and emails.
All company communication done to external persons such as customers, suppliers, and contractors should be done through emails, the company website, and company contact numbers.
All employees are required to have an account using their employee Identification numbers to access the company information.
This policy ensures the authenticity of all information passed through and avoidance of fraudulent attempts to give wrong information. It also allows there to be proper tracking of employee activity and allow for accountability. The set company contact information also prevents the customers from being frauded. The standards to support the policy are:
Work-related communication and information passed in the supermarket should be done through the right channels. Memos are required to give information that may be useful for the broader population of employees and sometimes customers. The data to be passed through this method should need immediate attention. Emails should be used for departmental communication and communication with customers, suppliers, and contractors to ensure formality. The company telephone numbers should be available for calling by customers and the company’s business partners such as suppliers.
All employees who may need access to the supermarket information database are required to have an account to log in. The login details should include the employee's Identification Numbers for easy identification. The accounts are supposed to facilitate the monitoring of the activities done by the employees. Through monitoring, accountability is ensured and reduces denials. Employees are also required to log out once they have completed the task they had. The move is to avoid the mix-up in accountability once there is an error occurrence.
To ensure that the policy is implemented the standards maintained the given practices should be applied:
All communication materials should be located and stored in the communications department.
All employees should create login accounts with their Employee Identification Numbers as usernames.
Employees should always log out after every session they have engaged in.
The company’s email account should be managed by the authorized employees.
Any attempt to act against the policy should be liable to disciplinary action by the company disciplinary panel.
The password security policy states that:
All accounts created for both customers and employees should have passwords of a minimum of 6 characters.
This policy aims at making sure an individual’s online account cannot be accessed by an intruder. The standard that works for the policy is:
A password should be six characters long and should include at least one number and one letter. The password should not contain other symbols such as @, #, &, *,
The practices to support the policy are:
A customer should create an account using his or her email and have a password that is easy to remember while also being discrete.
Employees should create accounts with passwords that are discrete
The physical security policy states that:
Only authorized personnel are supposed to be in the security offices.
CCTV access is limited to the security department employees.
CCTV cameras should be operational at all times.
All employees should wear Identification badges and company department colors for visual identification.
All security threatening incidents should be reported to the necessary management
The main aim of putting these policies is to facilitate proper security visually. It also ensures that there is identification of fraudsters in the supermarket an avoid attempts of tampering with the video footage. The standards of the policy include:
No individuals should be allowed into the security department offices without a monitoring security official. Keys to these offices are to always be at the hands of the employees in the security department. Under no circumstances should the keys be given to unauthorized individual.
The CCTV monitoring offices should be off-limits unless there is need for investigations to be done thereby allowing monitored access.
Under no circumstances should the CCTV cameras be switched off during office hours and closing hours. During this time, there should always be an attending security personnel to monitor the live feed. All video footage should be stored for later access when needed.
It is a requirement advised by the security team for all staff to ensure they dress in their official uniforms and supervising staff to wear authentic badges for easy identification through the cameras. All employees should also wear the department uniform colors for easy identification of employees not at their supposed posts.
All suspicious activities that are noticed by the employees should be reported to the necessary management for investigation. The move is not to assume any act without having the necessary information through information.
The practices to support the policy are:
The security department offices should be out of bounds for unauthorized individuals
The security cameras should be provided with proper maintenance
All staff should wear the company official uniforms or badges.
All suspicious activities should be reported immediately and investigated.
Failure to adhere to the policy warrants summoning to the disciplinary panel for questioning which may lead to punishment.
The Communications security policy states that:
All communication done should be done by the communications department.
Protect the company’s image.
The policy is supposed to ensure that all communication done to external persons and companies should be protective of the company’s image through authorized access to company email account. The policy defines the standards to prevent harming the public perception of the company. The standards for the policy are:
All communication passed should exclusively come from the communications department. Any information that is passed should be presented to the communication department officials for scrutiny.
All information should ensure the company’s name and image are not tarnished.
The practices to support the policy are:
The communication department should be liable for all information being passed around in the supermarket and through online means.
All information that concerns the company displayed to the public should be reviewed by the management.
Misleading information should be treated as an act of negligence and liable to disciplinary questioning and reprimand.
The mobile policy states that:
Employees in the communication and IT departments are allowed to use their personal devices for office duties.
All devices are viable for security checking
The policy is aimed at providing alternatives to the technological devices in areas that do not possess a significant security threat to company information but are, however, essential. Security checks nevertheless ensure there are protective measures. The standards that support the policy are:
Only members of the communication and IT departments are required to activate the Bring Your Own Device (BYOD) policy since they possess a lesser security risk and also facilitate more productive work. The communication department requires to be active at all times and thus requires an alternative in case a company device fails. The IT department also needs to be functioning onsite and offsite thus necessitating the alternative use of devices that are close to the employees such as smartphones and laptops.
The devices in BYOD policy should always be presented for security checks before use and after clocking out of work.
The practices to promote the policy are:
The use of personal devices in the workplace is prohibited except for the communication and IT department employees.
All personally owned devices should be checked for security purposes to ensure no company data is stolen.
Any action to take data should be dealt with severely by the disciplinary panel.
Attempts to use personal devices for unauthorized employees should warrant a reprimand.
All policies should be heeded to facilitate the company’s smooth run of activities.