Part 1: Research Security Policy Frameworks (0/2 completed)
Note: In this part of the lab, you will review internet resources on security policy frameworks in order to form a basis for their purpose and usage. Understanding the reason behind a security policy framework is key to understanding the component policies and procedures. Please take the time to review the research thoroughly and think through the concepts behind the framework itself.
1. In your browser, navigate to https://www.sans.org/reading-room/whitepapers/policyissues/information-security-policy-development-guide-large-small-companies-1331.
2. Read Sections 1-5 of the SANS Policy Development Guide.
3. Summarize the Policy Development Guide’s recommendations for organizing a policy hierarchy and selecting policy topics.
Note: It is important to understand how and why a policy differs from a standard, a procedure, and a guideline. From the top down, the policy should not change or need modification unless a major shift in corporate values or business process occurs. On the contrary, guidelines should be reviewed, and possibly changed, often.
Similarly, even though a policy should be written clearly and concisely, it is a high-level document answering the “why” questions. Standards are also high level, but they answer the “what” questions. Finally, the procedures and guidelines provide the “how.”
Examples of security policy and guideline templates are available from the SANS Institute at https://www.sans.org/information-security-policy/.
In the next steps, you will learn about COBIT 2019, a popular industry-standard policy framework.
4. In your browser, navigate to https://www.cio.com/article/3243684/what-is-cobit-a-framework-for-alignment-and-governance.html.
5. Describe the core principles and objectives of COBIT 2019.
Part 2: Define a Security Policy Framework (0/2 completed)
Note: Understanding both unique and universal risks to your organization’s IT infrastructure is essential to developing an appropriate IT security policy framework for your organization. In this part of the lab, you will review a list of risk, threats, and vulnerabilities and define appropriate policies to mitigate them. Next, you will organize your policies into a policy framework.
1. Review the following list of risks, threats, and vulnerabilities at the fictional Healthwise Health Care Company.
2. For each risk, threat, or vulnerability in the list above, select an appropriate security policy that might help mitigate it. You can select one of the SANS policies or choose one from the following list.
3. Organize the security policies you selected so that they can be used as part of an overall framework for a layered security strategy.
Challenge Exercise (0/2 completed)Note: The following challenge exercise is provided to allow independent, unguided work – similar to what you will encounter in a real situation.
A user at Digital Innovation Products has been using company network resources to download torrent files onto a USB drive and transfer those files to their home computer. IT tracked down the torrent traffic during a recent network audit. Unfortunately, the company does not have a current policy that restricts this type of activity.
Identify at least two appropriate policies that should be in place to define this type of behavior and the consequences thereof.
Write a brief overview for C-level executives explaining which policies should be added to the company’s overall security policy framework, why they should be added, and how those policies could protect the company.
Try it now!
How it works?
Follow these simple steps to get your paper done
Place your order
Fill in the order form and provide all details of your assignment.
Proceed with the payment
Choose the payment system that suits you most.
Receive the final file
Once your paper is ready, we will email it to you.
Quality Essay Help has stood as the world’s leading custom essay writing services providers. Once you enter all the details in the order form under the place order button, the rest is up to us.
At Quality Essay Help, we prioritize on all aspects that bring about a good grade such as impeccable grammar, proper structure, zero-plagiarism and conformance to guidelines. Our experienced team of writers will help you completed your essays and other assignments.
Admission and Business Papers
Be assured that you’ll definitely get accepted to the Master’s level program at any university once you enter all the details in the order form. We won’t leave you here; we will also help you secure a good position in your aspired workplace by creating an outstanding resume or portfolio once you place an order.
Editing and Proofreading
Our skilled editing and writing team will help you restructure you paper, paraphrase, correct grammar and replace plagiarized sections on your paper just on time. The service is geared toward eliminating any mistakes and rather enhancing better quality.
We have writers in almost all fields including the most technical fields. You don’t have to worry about the complexity of your paper. Simply enter as much details as possible in the place order section.