Create security policy that would benefit your organization

Reference no: EM132399427

Consider the organization where you work or an organization where you would like to work if you are not currently employed.

• Create a security policy that would benefit your organization
• Suggest some controls for your security policy
• Suggest an audit mechanism to determine compliance

Use the following format for your policy:

Overview

You should put one or two sentences here that summarize the policy and its purpose for management. This is typically an explanation of why the policy exists. Don't be too technical.

Scope

This is where you define who or what the policy applies to, from all employees to only cashiers that handle cash in the front office. If it applies to equipment, it could be all equipment, all servers, all network-connected equipment, or just company-issued cell phones. Be specific.

Policy

This is where the policy is actually defined. Don't be too specific; leave that to the procedures and controls that support the policy.

For example, a password policy might state that users cannot share passwords, passwords must be complex, help desk personnel never request passwords, and passwords must rotate periodically. The details of good password construction can then be put in a guideline document, instructions for the help desk on resetting passwords can be a procedure, and the use of Group Policy to force password changes every 60 days is a technical control. None of that should be in the policy, but it all needs to be properly documented and communicated to the people that need it: the guidelines to all staff, the help desk procedure to help desk staff, and the technical controls to the domain admins.

If you are in doubt, remember that good policy statements talk about what the policy is trying to accomplish and are addressed to a wide audience. Procedures and controls talk about how it is to be accomplished and are addressed to the staff that must carry it out.

Compliance Measurement

Typically, this section includes the job title of the person responsible for overseeing its implementation or the department if multiple people are responsible, a reference to audit mechanisms, and the consequences for failure to abide by policy.

Definitions, Related Standards, and Policies

This section usually contains definitions of technical or ambiguous terms, cross-references to applicable regulations, and other policies that relate to this policy. Examples include union contracts, discipline policies, and implementation guidelines. In our password policy example, this is where readers would be told to consult the password construction guideline document.

Exceptions

If there are any circumstances that might allow a temporary exception to the policy, such as during an emergency, define them here. If there is anyone with the authority to temporarily waive the policy, they should be identified by job title. This section is often omitted since many policies do not allow any exceptions.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd