User Account

All Pages

Does the policy align well with other governing documents

Assignment Help Computer Engineering
Reference no: EM133473296

Assignment

Part A: Research Security Awareness Policies

Note: In this part of the lab, you will review an example of a security awareness training policy in order to form a basis for their purpose and usage. Understanding the reason behind a security awareness training policy is key to understanding the component policies and procedures. Please take time to review the research thoroughly and think through the concepts of the policy itself.

I. Review the security awareness training policy at the following website:

1. Health care: State of North Carolina Department of Health and Human Services.

II. For the sample security awareness training policy that you reviewed in the step above, discuss the policy's main components. You should focus on the need for a security awareness program and its key elements.

Part B: Create a Security Awareness Policy

Note: A strong security awareness policy is a key component of a strong organizational security posture. The effectiveness of a security awareness training policy and program will directly influence how well employees will value and protect the organization's security position. When writing a security awareness training policy, consider the following questions:

1. Is the policy statement as concise and readable as possible? For example, no more than one to three sentences.

2. Is the entire policy as concise and readable as possible? For example, no more than two to three pages.

3. Does the policy align well with other governing documents?

4. Does the policy speak directly to the target audience?

5. Does the policy state the "why" with only the minimal detail, and rely on standards or guidelines for the "how"? Policies should be written in such a way that they will not need frequent updates.

6. Does the policy adequately describe scope and responsibilities?

7. Are the policy's revision, approval, and distribution documented?

After the policy has been approved, its success relies on proper delivery and understanding. To simply give a new employee 5 minutes to read and sign a policy during orientation is not enough. Focused and interactive "policy understanding" sessions should guarantee every employee understands the policy's reasoning and necessity. Customizing these sessions according to department or function can drastically increase how much employees retain of and apply the training during their work. Repeat sessions reinforce the policies and keep material fresh in their minds.

I. Review the following scenario for the fictional Bankwise Credit Union:

1. The organization is a local credit union that has several branches and locations throughout the region.

2. Online banking and use of the internet are the bank's strengths, given its limited human resources.

3. The customer service department is the organization's most critical business function.

4. The organization wants to be in compliance with the Gramm-Leach-Bliley Act (GLBA) and IT security best practices regarding its employees.

5. The organization wants to monitor and control use of the Internet by implementing content filtering.

6. The organization wants to eliminate personal use of organization-owned IT assets and systems.

7. The organization wants to monitor and control use of the e-mail system by implementing e-mail security controls.

8. The organization wants to implement security awareness training policy mandates for all new hires and existing employees. Policy definitions are to include GLBA and customer privacy data requirements, in addition to a mandate for annual security awareness training for all employees.

II. Create a security management policy with defined separation of duties for the Bankwise Credit Union.

Bankwise Credit Union
Security Awareness Training Policy
Policy Statement
Define your policy verbiage.

1. Purpose/Objectives

Define the policy's purpose as well as its objectives.

2. Scope

Define whom this policy covers and its scope. What elements, IT assets, or organization-owned assets are within this policy's scope?

3. Standards

Does the policy statement point to any hardware, software, or configuration standards? If so, list them here and explain the relationship of this policy to these standards.

4. Procedures

Explain how you intend to implement this policy for the entire organization.

5. Guidelines

Explain any roadblocks or implementation issues that you must overcome in this section and how you will surmount them per defined guidelines. Any disputes or gaps in the definition and separation of duties responsibility may need to be addressed in this section.

6. Challenge Exercise

Note: The following challenge exercise is provided to allow independent, unguided work - similar to what you will encounter in a real situation.

There are many vendors that provide security awareness training software to organizations that do not have the time nor the resources to create their own. When selecting a software vendor, many organizations will issue a Request for Information (RFI) to potential vendors, outlining the details of what the organization would like to learn about the vendor's solution. You can read more about RFIs.

As a security manager at eChef, an online marketplace for high-end kitchenware, you have been tasked with selecting a security awareness training software provider.

Use the internet to research real security awareness training software providers.

1. Identify three security awareness training software providers.
2. Identify 10 questions that you would include in your RFI.

Reference no: EM133473296

Questions Cloud

How do you define a high-risk transaction : How do you define a high-risk transaction? What are four roles (two sets of two related roles) you would separate and why?
How will be apply criminal law course to current-future work : How will you be able to apply what you learned in this criminal law course to your current or future work?
Find a current news story associated with business : Find a current news story associated with business. This can include news stories about the race to the bottom, ethics and sustainability of global supply chain
Awareness of your own or others media literacy : What are your weaknesses as a media-literate person? How has this class impacted your awareness of your own or others' media literacy?
Does the policy align well with other governing documents : Does the policy align well with other governing documents? Does the policy speak directly to the target audience? Does the policy adequately describe scope?
How might communication and the work environment : How might communication and the work environment be affected by Aboriginal and Torres Strait Islander cultural factorserences in the workplace research gate.
Characteristics of an interrogation : For each of the five characteristics of an interrogation listed above, explain: how each benefits the interrogator.
Identify leadership style : Identify their leadership style. Justify his characterization, Explain how his leadership style has shaped,
Describe why current welfare regulations have failed : Describe the content and the scope of this new policy by itemizing the rules it establishes. For example, who should be eligible to get welfare benefits?

Reviews

Write a Review

Computer Engineering Questions & Answers

  Create an excel spreadsheet that indicates the rental type

you manage a b amp b in vail colorado which has three 1 bedroom suites and two 2 bedroom suites. the 1 bedrooms rent

  How many of the pictures are visible at the end of process

How many of the pictures are visible at the end of the process? Reduce the number of loops as far as you can to produce the same end result.

  What does it take for the system to become unable to post

what does it take for the system to become unable to post further blocks. ensuring that everyone agrees on the current state of the blockchain.

  Analyse and develop artefacts to define processes

ITECH7410 Software Engineering Methodologies - Federation University - State Transition Diagram - critically analyse and develop artefacts to define processes

  Explain the basics of normalization in plain english

She would like you to explain the basics of normalization in plain English to help her understand the data design tasks.

  Output each persons name and the link to their web page

Main chart web page should be constructed using XHTML and use the PHP variables.php script to output each person's name and the link to their web page

  Evaluate the threaded implementation of the sort algorithm

Evaluate the threaded implementation of the sort algorithm relative to data integrity and concurrency control. Write a2- to 3-page paper evaluating the implementation of the sort algorithm.

  Compare the two mean nusselt numbers

For laminar flow over a constant-heat-flux surface develop two expressions for the mean Nusselt number. In the first case base the heat-transfer coefficient.

  Define the way in which a person writes or sends e-mails

explain a scenario in which someone displayed bad netiquette. How did someone react to receiving the email? what could the sender have done differently to display good netiquette.

  Utilization of cryptography

You have been hired to offer the advice regarding the utilization of the cryptography to developer of new two products within a company.

  Write a c program that reads all five values from this file

Using the Emacs editor create a file called testdata4 (no extension) that contains 5 positive integer values.

  How would you use information technology

As an IT professional, how would you use information technology to improve the efficiency the three levels of management hierarchy?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd