You will create an organizational security plan policy
using your assigned readings (pay close attention to Chapter 3 in the Building
an Effective Information Security Policy) as well as the Cybersecurity
Framework http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf as
a resource, creating a two to three page outline for an organizational security
plan policy for securing the architecture of the organizations computer assets.
You will use this outline to create a security plan security awareness policy
in week 8. All critical elements in an organizational plan are to be covered
for your plan based on the outline. Address each Enterprise subject area in the
Table 4: Initial Framework below. You will prepare an outline for use in
preparing a policy based on these subject areas. Confidentiality, Integrity,
and Availability will be thoroughly addressed for protection of the enterprise
that you choose. Major security controls will be identified. Your outline will
provide at least ten headings and list the subject areas with at least two sub-headings
in outline format as:
1. Access controls
a. Select …..
b. Apply …..
a. Ensure confidentiality by compliance with HIPAA,
b. Evaluate ….
Each heading and sub-heading will be in complete
sentences that will define your plan to complete the plan for an effective
Table 4: Initial Framework
Building an Effective Information Security