What issues indicate the need for this policy change?

by

Lab Purpose
Given various vectors of cyber-attack and capabilities of threat actors, and a host of other risks and threats to operations, a mature and organized response is necessary for monitoring, detecting, responding, and reacting to risks and incidents of compromise. Such maturity requires a whole organizational response and activity at each level of decision making. In prior labs you have manipulated and re-configured systems at a tactical level, and practiced understanding attacks and improving defenses from an operational level. In this lab you’ll create security policy intended to be implemented strategically, which potentially affecting all organizational stakeholders.
The purpose of this lab is to develop or analyze security policy in order to respond to a systemic organizational problem, such as unauthorized entry into a computer system, the unauthorized installation of software on an enterprise system, or misuse of corporate equipment.
Lab Goals
Upon completion of this lab, you should have:
Recognition of the need for strategically implemented security policies for the purpose of making operational decisions and tactical controls effective.
Lab 1. Review the Center for Internet Security’s Policy Template Guide for NIST’s CSF
a. https://www.cisecurity.org/wp-content/uploads/2020/07/NIST-CSF-Policy-Template-Guide-2020-0720-1.pdf
(Links to an external site.)
2. Find a IT security policy in use by your past, present, or future employer
a. What is missing?
b. What was changed/introduced?
c. What issues indicate the need for this policy change?
d. Write a 100-200 word summary analysis of your findings.
3. Use the CIS Template Guide to refashion or reconstruct the policy, or to create a new one.
a. Optional examples: ASU UTO IT Governance and Policies – https://uto.asu.edu/security-policies
(Links to an external site.)
4. Review the National Center of Education Statistics publication 98-297 chapter 3 and checklist on developing security policy. Note, this document was written more than 20 years ago.
a. https://nces.ed.gov/pubs98/safetech/chapter3.asp
(Links to an external site.)
b. Describe how employee education and accountability, and leadership buy-in of your policy are critical elements in its implementation.
Lab Deliverables
Compile your findings into a single MS Word or PDF document for submission. Use TIMES NEW ROMAN 12-point font. Your document should contain:
Your First and Last Name
Date
Name of the Lab
100 to 200-word summary analysis
Refashioned security policy
100 to 200-word description of the importance of employee education, accountability, and leadership buy-in
Lab Resources
https://www.cisecurity.org/wp-content/uploads/2020/07/NIST-CSF-Policy-Template-Guide-2020-0720-1.pdf
(Links to an external site.)
https://nces.ed.gov/pubs98/safetech/chapter3.asp

Last Completed Projects

topic title academic level Writer delivered

All Rights Reserved.
Disclaimer: for assistance purposes only. These custom papers should be used with proper reference.
Terms and Conditions | Privacy Policy