Project 1 Employee Handbook
Using the attached Case Study and Instructions. Pleas pay attention to the task assignment instructions located in the Employee Handbook.doc as it mentions the length that each policy must be. Also please utilize the following grading rubric.Executive SummaryExcellent Outstanding Acceptable Needs Improvement Needs Significant Improvement Missing or UnacceptableExecutive Summary for the Policy Briefing Package10 pointsThe Executive Summary provided an excellent summary of the policy package's purpose and contents. Information about the case study company was well integrated into the summary. Each policy was individually introduced and clearly explained. The material was well organized and easy to read.8.5 pointsThe Executive Summary provided an outstanding summary of the policy package's purpose and contents. Information about the case study company was integrated into the summary. Each policy in the briefing package was individually introduced and briefly explained. The material was well organized and easy to read.7 pointsThe Executive Summary provided an acceptable overview of the contents of the policy package. Information about the case study company was used in the summary. Each policy in the briefing package was named and briefly explained.6 pointsThe Executive Summary provided an overview of the policy package. Information about the case study company was mentioned.4 pointsAn executive summary was provided but lacked details as to the purpose and contents of the policy package and/or was not well supported by information drawn from authoritative sources.0 pointsNo work submitted.Acceptable Use PolicyExcellent Outstanding Acceptable Needs Improvement Needs Significant Improvement Missing or Unacceptable Policy Introduction10 pointsThe Acceptable Use Policy contained an excellent introduction which addressed five or more specific characteristics of the company's business, legal & regulatory, and/or enterprise IT environments and addressed the reasons why employees must comply with this policy. Compliance requirements are addressed and contact information is provided for questions about the policy.8.5 pointsThe Acceptable Use Policy contained an outstanding introduction which addressed three or more specific characteristics of the company's business, legal & regulatory, and/or enterprise IT environments and addressed the reasons why employees must comply with this policy. Compliance requirements are addressed and contact information is provided for questions about the policy.7 pointsThe introduction for the Acceptable Use Policy was customized for the case study company. Three or more specific characteristics of the company's business, legal & regulatory, and/or enterprise IT environments were incorporated into the policy. Compliance requirements were addressed.6 pointsThe introduction to the Acceptable Use Policy mentions the case study company and compliance requirements.4 pointsThe Acceptable Use Policy was built from a sample template or list of "recommended" AUP contents without customization for the case study company. (Or, inappropriate or excessive copying from other authors' work.)0 pointsNo work submitted.Policy Content20 pointsThe Acceptable Use Policy was well organized (including 5 or more section headings for topics) and easy to understand. The policy addressed 15 or more employee responsibilities (15 or more separate policy statements) including all topics listed in the assignment.18 pointsThe Acceptable Use Policy was well organized (including 3 or more section headings for topics) and easy to understand. The policy addressed 12 or more employee responsibilities (12 or more separate policy statements) including all topics listed in the assignment.16 pointsThe Acceptable Use Policy was well organized and easy to understand. The policy addressed 10 or more employee responsibilities (as separate policy statements) including at least 7 items listed in the assignment.14 pointsOrganization and appearance need improvement. The policy addressed least 7 items listed in the assignment (as separate policy statements).10 pointsThe Acceptable Use Policy was disorganized and difficult to understand. OR, the policy was significantly lacking in content (7 or fewer policy statements). (Or, inappropriate or excessive copying from other authors' work.)0 pointsNo work submitted.BYOD PolicyExcellent Outstanding Acceptable Needs Improvement Needs Significant Improvement Missing or Unacceptable Policy Introduction10 pointsThe BYOD Policy contained an excellent introduction which addressed three or more specific characteristics of the company's business, legal & regulatory, and/or enterprise IT environments and addressed the reasons why employees must comply with this policy. Compliance requirements are addressed and contact information is provided for questions about the policy.8.5 pointsThe BYOD Policy contained an outstanding introduction which addressed two or more specific characteristics of the company's business, legal & regulatory, and/or enterprise IT environments and addressed the reasons why employees must comply with this policy. Compliance requirements are addressed and contact information is provided for questions about the policy.7 pointsThe introduction for the BYOD Policy was customized for the case study company. One or more specific characteristics of the company's business, legal & regulatory, and/or enterprise IT environments were incorporated into the policy. Compliance requirements were addressed.6 pointsThe introduction to the BYOD Policy mentions the case study company and compliance requirements.4 pointsThe BYOD was built from a sample template or list of "recommended" BYOD contents without customization for the case study company. (Or, inappropriate or excessive copying from other authors' work.)0 pointsNo work submitted.Policy Content15 pointsThe BYOD Policy was well organized (including 3 or more section headings for topics) and easy to understand. The policy addressed 10 or more employee responsibilities (10 or more separate policy statements) including all topics listed in the assignment.13.5 pointsThe BYOD Policy was well organized (including at least 3 section headings for topics) and easy to understand. The policy addressed 7 or more employee responsibilities (7 or more separate policy statements) including all topics listed in the assignment.12 pointsThe BYOD Policy was well organized and easy to understand. The policy addressed 5 or more employee responsibilities (5 or more separate policy statements) including at least 3 topics listed in the assignment.9 pointsOrganization and appearance need improvement. The BYOD policy addressed at least 3 items listed in the assignment (as separate policy statements).6 pointsThe BYOD Policy was disorganized and difficult to understand. OR, the policy was significantly lacking in content (fewer than 3 specific policy statements). (Or, inappropriate or excessive copying from other authors' work.)0 pointsNo work submitted.Digital Media Sanitization, Reuse, & Destruction PolicyExcellent Outstanding Acceptable Needs Improvement Needs Significant Improvement Missing or UnacceptablePolicy Introduction5 pointsThe media sanitization, reuse, and destruction policy contained an excellent introduction which addressed five or more specific characteristics of the company's business and/or legal & regulatory environments which impose requirements for this policy. Compliance requirements are addressed and contact information is provided for questions about the policy.4 pointsThe media sanitization, reuse, and destruction policy contained an outstanding introduction which addressed three or more specific characteristics of the company's business and/or legal & regulatory environments which impose requirements for this policy. Compliance requirements are addressed and contact information is provided for questions about the policy.3 pointsThe media sanitization, reuse, and destruction policy contained an acceptable introduction which mentioned the company's business and/or legal & regulatory environments as a source of requirements for this policy. Compliance requirements are addressed and contact information is provided for questions about the policy.2 pointsThe media sanitization, reuse, and destruction policy contained an introduction which mentioned the reasons why this policy exists and why employees must comply with it.1 pointThe policy was built from a template or list of "best practices" with no customization for the case study company. (Or, inappropriate or excessive copying from other authors' work.)0 pointsNo work submitted.Policy Content10 pointsThe media sanitization, reuse, and destruction policy was well organized (including 3 or more section headings for topics) and easy to understand. The policy addressed all three functions (sanitization, reuse, and destruction) and included 9 or more separate policy statements.8.5 pointsThe media sanitization, reuse, and destruction policy was well organized (including 3 or more section headings for topics) and easy to understand. The policy addressed all three functions (sanitization, reuse, and destruction) and included 7 or more separate policy statements.7 pointsThe media sanitization, reuse, and destruction policy was well organized and easy to understand. The policy addressed all three functions (sanitization, reuse, and destruction) and included 5 or more separate policy statements.6 pointsThe media sanitization, reuse, and destruction policy addressed at least two of the three functions (sanitization, reuse, and destruction) and included 3 or more separate policy statements.4 pointsThe policy addressed employee responsibilities for erasure and destruction of media but lacked important details / information. (Or, inappropriate or excessive copying from other authors' work.)0 pointsNo work submitted.Professionalism Excellent Outstanding Acceptable Needs Improvement Needs Significant Improvement Missing or UnacceptableAddressed security issues using standard terminology5 pointsDemonstrated excellence in the use of standard cybersecurity terminology to support the deliverable. Appropriately used terminology from five or more pillars of IA/IS.4 pointsDeliverable showed an outstanding understanding and integration of standard cybersecurity terminology. Appropriately used terminology from four or more pillars of IA/IS.3 pointsCorrectly used standard cybersecurity terminology in the deliverable. Appropriately used terminology from three or more pillars of IA/IS.2 pointsUsed standard cybersecurity terminology but this usage was not well integrated into the deliverable.1 pointMisused or incorrectly defined cybersecurity terminology.0 pointsDid not integrate standard cybersecurity terminology into the deliverable.Organization & Appearance5 pointsSubmitted work shows outstanding organization and the use of color, fonts, titles, headings and sub-headings, etc. is appropriate to the assignment type.4 pointsSubmitted work has minor style or formatting flaws but still presents a professional appearance. Submitted work is well organized and appropriately uses color, fonts, and section headings (per the assignment’s directions).3 pointsOrganization and/or appearance of submitted work could be improved through better use of fonts, color, titles, headings, etc. OR Submitted work has multiple style or formatting errors. Professional appearance could be improved.2 pointsSubmitted work has multiple style or formatting errors. Organization and professional appearance need substantial improvement.1 pointSubmitted work meets minimum requirements but has major style and formatting errors. Work is disorganized and needs to be rewritten for readability and professional appearance.0 pointsSubmitted work is poorly organized and formatted. Writing and presentation are lacking in professional style and appearance. Work does not reflect college level writing skills. Or, no submission.Execution10 pointsNo word usage, grammar, spelling, or punctuation errors. All quotations (copied text) are properly marked and cited using a professional format (APA format recommended but not required.)8.5 pointsWork contains minor errors in word usage,grammar, spelling or punctuation which do not significantly impact professional appearance. All quotations (copied text) are properly marked and cited using a professional format (APA format recommended but not required.)7 pointsErrors in word usage, spelling, grammar, or punctuation which detract from professional appearance of the submitted work. All quotations (copied text) are properly marked and cited using a professional format (APA format recommended but not required.)6 pointsSubmitted work has numerous errors in word usage, spelling, grammar, or punctuation which detract from readability and professional appearance. Punctuation errors may include failure to properly mark quoted or copied material (an attempt to name original source is required).4 pointsSubmitted work is difficult to read / understand and has significant errors in formatting, spelling, grammar, punctuation, or word usage. Significant errors in presentation of copied text (lacks proper punctuation and failed to attribute material to original source).0 pointsNo work submitted. OR, work contains significant instances of cut-and-paste without proper citing / attribution to the original work or author.Overall Score Excellent 90 or more Outstanding 80 or more Acceptable 70 or more Needs Improvement 56 or more Needs Significant Improvement36 or more Missing or Unacceptable Work 0 or more