Security Policy and Controls Assignment

Consider the organization where you work, or an organization where you would like to work if you are not currently employed.

•Create a Policy that would benefit your organization

•Suggest some controls for your policy

•Suggest an audit mechanism

Use the following Format for your policy:

You should put one or two sentences here that summarize thepolicy and its purpose for management. This is typically an explanationof why the policy exists. Don’t be too technical.

This is where you define who or what the policy applies to, fromall employees to only cashiers that handle cash in the front office. Ifit applies to equipment, it could be all equipment, all servers, allnetwork connected equipment, or just company issued cell phones. Bespecific.

This is where the policy is actually defined. Don’t be toospecific, leave that to the procedures and controls that support thepolicy.

For example, a password policy might state that users cannotshare passwords, passwords must be complex, help desk personnel neverrequest passwords, and passwords must rotate periodically. The detailsof good password construction can be then put in a guideline document,instructions for the help desk on reseting passwords can be a procedure,and that Group Policy is used to force password changes every 60 daysis a technical control. None of that should be in the policy, but it allneeds to be properly documented and communicated to the people thatneed it – the guidelines to all staff, the help desk procedure to helpdesk staff, and the technical controls to the domain admins.

If you are in doubt remember that good policy statements talk about whatthe policy is trying to accomplish, and are addressed to a wide audience. Procedures and controls talk about howit is to be accomplished and are addressed to the staff that must carry it out.

Typically, this section includes the job title of the personresponsible for overseeing its implementation or the department ifmultiple people are responsible, a reference to audit mechanisms, andthe consequences for failure to abide by policy.

This section usually contains definitions of technical orambiguous terms, cross-references to applicable regulations, and otherpolicies that relate to this policy. Examples include union contracts,discipline policies, and implementation guidelines. In our passwordpolicy example, this where readers would be told to consult the passwordconstruction guideline document.

If there any circumstances that might allow temporary exceptionto the policy, such as during an emergency, define them here. If thereis anyone with the authority to temporarily waive the policy, theyshould be identified by job title. This section is often omitted sincemany policies do not allow any exceptions.

Is this the question you were looking for? Place your Order Here

Answers

Related Questions

D Customer...

Discussion -Customer Centric Relationships, Create Advocates, and Influence Your Customers  Textbook for this module:  Customer Centric Marketing:...

No Plaguariam...

1.     Please submit solutions to Ch.1-2 Apply-Excel and Foundational 15 Problems at end of chapters (pg. 51-53) in an Excel file (with related ce...

The Role of Trust...

  Read this article: The-Role-Of-Trust-In-Consumer-Relationships After reading reflect with the following: 1. A brief overview of what the readin...

Discussion Question...

Canton, L. G. (2007). Emergency management: Concepts and strategies for effective programs. Hoboken, NJ: Wiley.Chapter 2, “Emergency Management: A...

Sustaining Employee Performance Paper...

Write a 1,050- to 1,400-word paper addressing the following:Identify two jobs within the company of your choice.Describe the general function of perf...

PICO Evidence Worksheets...

Directions    •    Download the PICO/Evidence Appraisal worksheets form from Course Resources. Consider what is the nursing problem or issue t...

The Strategic Planning Process...

“ The volatile healthcare market demands that providers be nimble competitors with advanced, ongoing planning processes that drive growth and organi...

Identifying Potential Malicious Attacks, Threats a...

Assignment: Identifying Potential Malicious Attacks, Threats and VulnerabilitiesYou have just been hired as an Information Security Engineer for a vid...

Week 3 discussion 1 & 2 ( will pay $10)...

 Week 3 - Discussion 1 Career Options When most people think of the careers in education, they default to a classroom teacher.  In the past decade...

Assignment: "Code of Conduct Memo - Draft"...

Assignment #1: "Code of Conduct Memo - Draft" You are a manager at a call center. The company frowns upon phone calls and texting during work hours....

part 1 week 3...

Management Capstone Project for CocaCola Part 1 week 3 This assignment will require you to develop a staffing plan to attract, develop, and retain goo...

Unit 4 DB...

In an HMO, the primary care physician acts as the "gatekeeper" to all higher levels of care that the patient may need. In theory, this means that the...

Global business paper and powepoint slide...

 I already got the abstract and introduction as well as the back ground written i need the rest done who really know about global business expansionP...

write response about both 2 discussions at least 2...

1, USA The Cold War was a geopolitical war that was mostly caused by the United States.  Even though the USSR was a major player in the world and th...

Case Study 1: Bring Your Own Device (BYOD)...

Case Study 1: Bring Your Own Device (BYOD)Read the following articles: “The dark side of BYOD”  (http://www.techrepublic.com/blog/tech-decision-m...

Micro Loans & Cooperation...

Need a 200 words minimum response with reference by 1/13/17  Kiva.org (2016) is one of the best know microloan charities. The concept is simple. Ins...

Needs to be 1st time paper...

I am taking an MBA Health Care Management class. Would you be able to tackle this?  The Term Project is an applied and integrative case study scenar...

Multi-Touch Screens vs. Mouse-Driven Screens...

Assignment 1: Multi-Touch Screens vs. Mouse-Driven ScreensThe following resources may be helpful when completing this assignment.Dearden, A. (2008). ...

Needs to be 1st time paper...

Written Assignment Leadership competencies are among the many important topics discussed in the chapters read in this module. Click here for a li...

I am majoring in complementar & Alternative Health...

 Formulating a Career PlanKnowing which career you want to pursue is an important first step to tackling your job search and career goals. However, s...

Complete math Discussion....

Read the following instructions in order to complete this discussion, and review the example of how to complete the math required for this assignmen...

B7530 Corporate and Global Finance Week 1...

Assignment 2: Discussion—Corporate Financial StructureThough corporate capital structure (also called capitalization) and corporate financial struct...

"Compare Two Versions of the Same Article by an...

"Compare Two Versions of the Same Article by an Author"  Please respond to the following:Read the two (2) versions of the article titled: “The Obje...

10 page paper...

I need someone to write a wellness initiative encompasses the ideals for your own corporate wellness program and describes how you will engage employe...

If you didn't find the right answer

Ask Your Questions, We'll notify you once someone answers it