Suggest some controls for your security policy

Reference no: EM132411460

• Consider the organization where you work or an organization where you would like to work if you are not currently employed.

• Create a security policy that would benefit your organization

• Suggest some controls for your security policy

• Suggest an audit mechanism to determine compliance

Use the following format for your policy: I want 2 pages of this assignment with 3 references.

Overview

You should put one or two sentences here that summarize the policy and its purpose for management. This is typically an explanation of why the policy exists. Don't be too technical.

Scope

This is where you define who or what the policy applies to, from all employees to only cashiers that handle cash in the front office. If it applies to equipment, it could be all equipment, all servers, all network-connected equipment, or just company-issued cell phones. Be specific.

Policy

This is where the policy is actually defined. Don't be too specific; leave that to the procedures and controls that support the policy.

For example, a password policy might state that users cannot share passwords, passwords must be complex, help desk personnel never request passwords, and passwords must rotate periodically. The details of good password construction can then be put in a guideline document, instructions for the help desk on resetting passwords can be a procedure, and the fact that Group Policy is used to force password changes every 60 days is a technical control. None of that should be in the policy, but it all needs to be properly documented and communicated to the people that need it: the guidelines to all staff, the help desk procedure to help desk staff, and the technical controls to the domain admins.

If you are in doubt, remember that good policy statements talk about what the policy is trying to accomplish and are addressed to a wide audience. Procedures and controls talk about how it is to be accomplished and are addressed to the staff that must carry it out.

Compliance Measurement

Typically, this section includes the job title of the person responsible for overseeing its implementation or the department if multiple people are responsible, a reference to audit mechanisms, and the consequences for failure to abide by policy.

Definitions, Related Standards, and Policies

This section usually contains definitions of technical or ambiguous terms, cross-references to applicable regulations, and other policies that relate to this policy. Examples include union contracts, discipline policies, and implementation guidelines. In our password policy example, this is where readers would be told to consult the password construction guideline document.

Exceptions

If there are any circumstances that might allow a temporary exception to the policy, such as during an emergency, define them here. If there is anyone with the authority to temporarily waive the policy, they should be identified by job title. This section is often omitted since many policies do not allow any exceptions.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd