Description
You will include the importance of an acceptable use policy, privacy policy, and change and configuration management policy. Your security policy will be created by including the three parts below along with an introduction and conclusion.
Create the IT Security Policy Framework:
Part 1: The “Acceptable Use Policy” (see Chapter 3.1.1 in your TestOut courseware):
Formulate one organizational goal for a fictitious organization.
Formulate one organizational objective for a fictitious organization.
- Identify one regulation that would apply to a fictitious organization.
Explain why the regulation applies.
- Identify one law that would apply for a fictitious organization.
- Explain why the law applies.
- Discuss the stakeholders and their interests for a fictitious organization.
Part 2: The “Privacy Policy” (see Chapter 3.1.1 in your TestOut courseware).
- Identify a minimum of two functional policies that would need to be implemented for a fictitious organization.
- Develop one new functional policy to address one of the policies identified in your list.
Part 3: The “Change and Configuration Management Policy” (see Chapter 3.1.1 in your TestOut courseware).
- Discuss the industry standards, procedures, baselines, and guidelines related to the functional policy developed in Part 2.
- The IT Security Policy Framework paper
Explanation & Answer
View attached explanation and answer. Let me know if you have any questions.
1
Cyber security
Name
Institution Affiliation
Date
2
Introduction
Most small and medium-sized businesses do not have well-designed IT security
requirements to guarantee that their information security framework and activities are successful.
A lack of a cyber security policy can be caused by several factors, including a scarcity of funds
to assist with policy formation, sluggish management and leadership adoption, or simply a lack
of awareness of the importance of having an efficient online security system in place. A cyber
security policy outlines the rules and procedures that everybody who enters and utilizes an
institution's IT resources must adhere to (Wilson et al., 2016, August). So, why are IT Security
Policies necessary in the first place? These computer security policies are established to solve
security risks, implement procedures to avoid IT security flaws, and specify how to remediate a
network intrusion. Staff is also provided advice on what they should and should not do to follow
the regulations. They also describe who has access to what and the consequences if the rules are
not followed. The main goal of this work is to emphasize the...