Creating Section 3 of the Enterprise Security Strategy Plan

Home » Downloads » Creating Section 3 of the Enterprise Security Strategy Plan

Creating Section 3 of the Enterprise Security Strategy Plan

Close

Unit 6 – Individual Project (125 points)

Due: Sun, Sep 8 |Printer Friendly Version

Description

Assignment Details

This week, you are tasked with creating Section 3 of the Enterprise Security Strategy Plan: the Security Policy. Download this detailed description of the final Enterprise Security Strategy Plan.

For this section of the plan, create 4 security policies (you may include the policy that you created in the previous unit) using the template that you developed in the Unit 5 Discussion Board. Use 1 of the following areas to monitor, or you may compose your own:

  • E-mail
  • Acceptable use
  • Applications
  • Internet use
  • Mobile devices
  • Access control

After you submit this assignment, your instructor will provide specific feedback on this section of your plan. Use this feedback to prepare your document for the final submission in Week 9.

Please submit your assignment.

For assistance with your assignment, please use your textbook, all course resources, and any external research and resources you have gathered.

Individual Project Rubric

The Individual Project (IP) Grading Rubric is a scoring tool that represents the performance expectations for the IP. This Individual Project Grading Rubric is divided into components that provide a clear description of what should be included within each component of the IP. It’s the roadmap that can help you in the development of your IP.

ExpectationPoints PossiblePoints EarnedComments
Assignment-Specific: Submission includes a security policy based on the template that was previously provided.30  
Assignment-Specific: Submission includes a second unique security policy based on the template that was previously provided.30  
Assignment-Specific: Submission includes a third unique security policy based on the template that was previously provided.30  
Assignment-Specific: Submission includes a fourth unique security policy based on the template that was previously provided.25  
Professional Language: The assignment should contain accurate grammar, spelling, and punctuation with few or no errors. APA formatting is required, or another style may be specified in the assignment.10  
Total Points125  
Total Points Earned   

Use this outline for thie project,

Security Policy Outline

Policy Statement

·The purpose of the policy is to lay down the guidelines and procedures for safeguarding AlphaPulse’s information assets. It also aims to ensure confidentiality, integrity, and data availability.

Scope

·The policy will be applicable to all the employees, third-party vendors, and contractors who have access to and are able to access the information systems as well as the data that the company has.

·The policy will cover the entire organizational system, data, networks, and devices in AlphaPulse’s operational environment.

Threats

·The identified threats include external, internal, and environmental threats.

·External threats include malware, cyber-attacks, and phishing.

· Internal threats include accidental data leaks and insider threats.

·Environmental threats include natural disasters and power outages.

Roles and Responsibilities

·IT Department: Deals with technical enforcement, incident response, and monitoring.

·The department will also be in charge of training all the employees.

·Information Security Officer (ISO): In charge of overseeing both the implementation and compliance of the policy.

·Employees: Adhere to the guidelines and also report any suspicious activities.

Guidelines and User Procedures

·Employees must change their passwords regularly and make sure that they are strong and unique.

·Employees must also be trained regularly to ensure that they are well aware of what is expected of them. For instance, it is important to be able to detect any suspicious activity, such as phishing emails.

·Sensitive data should only be handled by authorized personnel.

·Only the approved devices will be allowed to access the network. Any attempt from an authorized devices will be investigated.

Information Technology Procedures

·The systems will be audited regularly to check for vulnerabilities.

·All software and systems will be updated regularly and should have the latest security patches.

·Implementation of role-based access control to ensure access to sensitive data.

Compliance and Enforcement

·Compliance with the policy will be continuously monitored through systems logs and regular audits.

·Violations will call for disciplinary actions, which may result in termination of employment.

·Any breaches have to be reported to the ISO.

Incident Response

·Employees have to report any suspicious activity that they detect immediately.

·The IT Department then isolates the affected systems and removes the threats.

·The systems are then restored, and a post-incident analysis is conducted.

Policy Review and Maintenance

·The policy will be reviewed annually, and any amendments required will be affected.

·ISO is in charge of making sure that the policy is up to date and reflects the current security needs.


Order Material(s)
Completed File(s)

Answer preview to Creating Section 3 of the Enterprise Security Strategy Plan

Creating Section 3 of the Enterprise Security Strategy Plan

APA

2158 words

Get instant access to the full solution from yourhomeworksolutions by clicking the purchase button below

× Lets chat on whatsapp?