Propose a Security Policy for an Organization
Preparation: Choose a real or hypothetical organization, corporation (profit or non-profit), or institution that uses IT in its product, services, activities, and/or operations. If you work in an organization or field that could benefit from an information network security policy, you might have chosen that company to apply the project to it.
Assignment: Prepare a well-written security policy proposal for your organization that utilizes the concepts learned in the course as a basis for your analysis and policy.
Make sure that your proposal includes these basic elements of a good security policy:
- An introduction that describes your organization, its mission, products/services, technical resources, and technical strategy.
- Analysis of the organization’s relationships to its clients/customers, staff, management, and owners or other stakeholders.
- A vulnerability assessment.
- Your security policy recommendation should:
- Propose remedial measures as appropriate to the situation. These might include firewall/gateway provisions, authentication and authorization, encryption systems, intrusion detection, virus detection, incident reporting, education/training, etc.
- Propose a code of ethics or code of practice to be applied within the organization.
- Propose legal/compliance requirements and describe how they will be met.
- Propose a security policy statement/summary.
Important: You must justify every element of your proposal in ethical and legal terms. In other words, you need to state why each policy/code element (including technical elements) is good for business and why it is good/sound ethical policy (how it is good for the organization and why it is good for customers, users, or employees, or the public). You should also identify any ethical/legal tensions, conflicts, and/or contradictions and justify any trade-offs being made in the recommendation.
Your paper should be 8 pages in length and conform to APA guidelines.
Discuss and cite at least three credible or scholarly sources other than the course textbooks (which can be cited as well) to support your analysis and policy choices.