Information Technology Security Policy Framework
PART A-3 Pages
Establishing an effective Information Technology Security Policy Framework is critical in the development of a comprehensive security program. Additionally, there are many security frameworks that organizations commonly reference when developing their security programs. Review the security frameworks provided by NIST (SP 800-53), ISO / IEC 27000 series, and COBIT. Assume that you have been hired as a consultant by a medium-sized insurance organization and have been asked to draft an IT Security Policy Framework.
You may create and / or assume all necessary assumptions needed for the completion of this assignment.
Write a three to five (3-5) page paper in which you:
Select a security framework, describe the framework selected, and design an IT Security Policy Framework for the organization.
Describe the importance of and method of establishing compliance of IT security controls with U.S. laws and regulations, and how organizations can align their policies and controls with the applicable regulations.
Analyze the business challenges within each of the seven (7) domains in developing an effective IT Security Policy Framework.
Describe your IT Security Policy Framework implementation issues and challenges and provide recommendations for overcoming these implementation issues and challenges.
Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
PART B Discussion Please number 75 words per question
1. Describe the main elements of an acceptable use policy. Determine the factors that organizations need to consider when developing their acceptable use policy.
Determine the special considerations that need to be taken into account when developing the acceptable use policy for different types of users (i.e., employees, system administrators, security personnel, contractors, guests, and auditors).
2. Imagine that your supervisor has asked you to draft a brief statement about best practices for user domain policies that will be presented to the executive board. Create five best practices for user domain policies.
Select the best practice that you would emphasize the most during this presentation to the executive board and explain why.
3. Determine the primary considerations that an organization would need to take into account when developing the security policies involving bring your own device (BYOD), portable and mobile devices.
List and examine the major challenges of enforcing policies concerning BYOD, portable and mobile devices.
4. Analyze the IT infrastructure assets that are commonly located in the DMZ. Determine how the types and size of the organization impact the structure of the DMZ.
Propose at least three policies that organizations need to implement for traffic flowing into the DMZ or out of the DMZ.
Top-quality papers guaranteed
100% original papers
We sell only unique pieces of writing completed according to your demands.
We use security encryption to keep your personal data protected.
We can give your money back if something goes wrong with your order.
Get free features with our reliable essay writing service
We offer you a free title page tailored according to the specifics of your particular style.
Include your preferred formatting style when you order from us to accompany your paper.
Get a list of references to go with your ordered paper.
24/7 support assistance
Reach out to our support agents anytime for free assistance.
Calculate how much your essay costs
What we are popular for
- English 101
- Business Studies