Home » Downloads » Information Security Policy

Information Security Policy

Information Security Policy

Case Study 1: COBIT Framework.
Control Objectives for Information and related Technology (COBIT) is an IT control framework that allows IT management to develop clear policies and apply good practices. COBIT is a business-focused, process-oriented, controls-based, and measurement-driven structure that helps align IT with the business requirements. Imagine your organization was recently assessed by a third party and the results are addressed in the article titled “ Social Engineering, the USB Way” located at http://www.darkreading.com/security/article/208803634/index.html. In an attempt to mitigate future risks identified in the assessment, complete the following requirements:

Write a three (4) page paper in which you:

this section is three pages
  1. Develop an IT security policy statement for your organization that addresses the following:
    1. social engineering
    2. malware
    3. the use of external storage devices on organizational equipment
    4. the education and training of users
  2. Explain and defend your proposed security policy statement.
  3. Suggest three (3) automated and / or physical controls to be incorporated into the IT infrastructure that support your proposed security policy statement.
  4. Analyze how the implemented controls would be monitored and evaluated for the purpose of effectiveness.

next section needs to be one page

  1. Define social engineering, malware, and removable storage devices.
  2. Identify the potential risks of social engineering, malware, and removable storage devices.
  3. Describe how the organization intends to combat the potential risks of social engineering, malware, and removable storage devices.

 

the work needs 4 references in apa

use subtitles to clearly show the sections
APA formatting
………….Answer Preview……………

Information Security Policy

Information security policy refers to a set of policies that an organization uses to ensure that the users of information technology operate within the defined organization domain and at the same time ensure that organizational networks comply with guidelines and rules that govern the security of stored data (Skoudis & Zeltser, 2004). This analysis discusses an IT security policy for an organization focusing on major areas such as social engineering, external storage devices, and user training and education. The analysis includes arguments…………………

APA
1,428 Words

Can't find what you are looking for?

Ask our tutors anything

Place order

Accounting

Applied Sciences

Article Writing

Astronomy

Biology

Business

Calculus

Chemistry

Communications

Computer Science

Counselling

Criminology

Economics

Education

Engineering

English

Environmental

Ethics

Film

Food and Nutrition

Geography

Healthcare

History

Human Resource Management

Information Systems

Law

Literature

Management

Marketing

Mathematics

Nursing

Philosophy

Physics

Political Science

Psychology

Religion

Sociology

Statistics

Writing

Terms of service

IntaSend Secure Payments (PCI-DSS Compliant) Secured by IntaSend Payments

Contact

× Lets chat on whatsapp?