User Account

All Pages

Create security policy that would benefit your organization

Assignment Help Computer Network Security
Reference no: EM132385325

Assignment: Consider the organization where you work or an organization where you would like to work if you are not currently employed.

• Create a security policy that would benefit your organization

• Suggest some controls for your security policy

• Suggest an audit mechanism to determine complianceUse the following Format for your policy:

Overview

You should put one or two sentences here that summarize the policy and its purpose for management. This is typically an explanation of why the policy exists. Don't be too technical.

Scope

This is where you define who or what the policy applies to, from all employees to only cashiers that handle cash in the front office. If it applies to equipment, it could be all equipment, all servers, all network connected equipment, or just company issued cell phones. Be specific.

Policy

This is where the policy is actually defined. Don't be too specific, leave that to the procedures and controls that support the policy.

For example, a password policy might state that users cannot share passwords, passwords must be complex, help desk personnel never request passwords, and passwords must rotate periodically. The details of good password construction can be then put in a guideline document, instructions for the help desk on reseting passwords can be a procedure, and that Group Policy is used to force password changes every 60 days is a technical control. None of that should be in the policy, but it all needs to be properly documented and communicated to the people that need it - the guidelines to all staff, the help desk procedure to help desk staff, and the technical controls to the domain admins.

If you are in doubt remember that good policy statements talk about what the policy is trying to accomplish, and are addressed to a wide audience. Procedures and controls talk about how it is to be accomplished and are addressed to the staff that must carry it out.

Compliance Measurement

Typically, this section includes the job title of the person responsible for overseeing its implementation or the department if multiple people are responsible, a reference to audit mechanisms, and the consequences for failure to abide by policy.

Definitions, Related Standards, and Policies

This section usually contains definitions of technical or ambiguous terms, cross-references to applicable regulations, and other policies that relate to this policy. Examples include union contracts, discipline policies, and implementation guidelines. In our password policy example, this where readers would be told to consult the password construction guideline document.

Exceptions

If there any circumstances that might allow temporary exception to the policy, such as during an emergency, define them here. If there is anyone with the authority to temporarily waive the policy, they should be identified by job title. This section is often omitted since many policies do not allow any exceptions.

Reference no: EM132385325

Questions Cloud

ACC60008 Accounting Systems and Reporting Assignment Problem : ACC60008 – Accounting Systems and Reporting Assignment Help and solutions- Swinburne University of Technology Australia
Describe any outside connections to the internal systems : Identify and describe any outside connections to the internal systems. Summarize the benefits the company would realize through the implementation of operating.
Why institutions are reluctant to move their it to the cloud : Why institutions are reluctant to move their IT to the cloud. Consider specific industries like education, medicine, military, etc.
How you will use the knowledge and skills to support goals : After addressing the problems, conclude your paper with details on how you will use this knowledge and skills to support your professional and or academic goals
Create security policy that would benefit your organization : Create a security policy that would benefit your organization. Suggest an audit mechanism to determine complianceUse the following Format for your policy.
About security flaws in unix-windows operating systems : Conduct research using the library and Internet for information about security flaws in UNIX, open source, and Windows operating systems.
Successful or unsuccessful with implementing strategies : Your overall thoughts of whether the organization was successful or unsuccessful with implementing the strategies from each of the above chapters.
Develop a plan to deploy public key infrastructure : In this assignment, you play the role of chief information technology (IT) security officer for the Quality Medical Company (QMC). QMC is a publicly traded.
ECO5000 Economics for Managers- Assignment Problem : ECO5000 Economics for Managers Assignment Help and Solutions-University of Southern Queensland- Australia-Prepare a manufacturing cost table up to 15 units.

Reviews

Write a Review

Computer Network Security Questions & Answers

  An overview of wireless lan security - term paper

Computer Science or Information Technology deals with Wireless LAN Security. Wireless LAN Security is gaining importance in the recent times. This report talks about how vulnerable are wireless LAN networks without any security measures and also talk..

  Computer networks and security against hackers

This case study about a company named Magna International, a Canada based global supplier of automotive components, modules and systems. Along with the company analysis have been made in this assignment.

  New attack models

The Internet evolution is and is very fast and the Internet exposes the connected computers to attacks and the subsequent losses are in rise.

  Islamic Calligraphy

Islamic calligraphy or Arabic calligraphy is a primary form of art for Islamic visual expression and creativity.

  A comprehensive study about web-based email implementation

Conduct a comprehensive study about web-based email implementation in gmail. Optionally, you may use sniffer like wireshark or your choice to analyze the communication traffic.

  Retention policy and litigation hold notices

The purpose of this project is to provide you with an opportunity to create a document retention policy. You will also learn how to serve a litigation hold notice for an educational institute.

  Tools to enhance password protection

A report on Tools to enhance Password Protection.

  Analyse security procedures

Analyse security procedures

  Write a report on denial of service

Write a report on DENIAL OF SERVICE (DoS).

  Phising email

Phising email It is multipart, what are the two parts? The HTML part, is it inviting the recepient to click somewhere? What is the email proporting to do when the link is clicked?

  Express the shannon-hartley capacity theorem

Express the Shannon-Hartley capacity theorem in terms of where is the Energy/bit and is the psd of white noise.

  Modern symmetric encryption schemes

Pseudo-random generators, pseudo-random functions and pseudo-random permutations

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd