Organizations Rely Heavily On The Use Of Information Technology (IT) Products And Services To Run Their Day-To-Day Activities. Ensuring The Security Of These Products And Services Is Of The Utmost Importance For The Success Of The Organization.

 Organizations rely heavily on the use of information technology (IT) products and services to run their day-to-day activities. Ensuring the security of these products and services is of the utmost importance for the success of the organization. Having a security policy that address acceptable use of these resources is an essential aspect of IT governance and management. 

 

Follow guidelines in the (NIST.SP.800-12r1) document to develop a mock Computer/Internet Security Policy. Your policy document must be a 3 page stand-alone document that can be reviewed, maintained and distributed to employees, staff or other stakeholders when necessary. Your policy document must contain at least the following sections:

1.  A “Preamble” – it describes

  • 1) the scope and applicability of the policy (who is affected by the policy, when and under what conditions);
  • 2) a definition of technology covered;
  • 3) a confidentiality of data statement;
  • 4) Incident response handling procedures;
  • 5) Responsibilities (monitoring, reporting violations, penalties for violations, etc.)
  • 6) a policy review schedule

2. Physical security

  • Acceptable use
  • Un-acceptable use
  • Back-up and storage strategies

3. Access security

  • Device
  • passwords
  • web access
  • network access
  • remote access
  • mobile
  • wireless
  • Email security

5. Virus protection

Remember to follow APA6 guidelines in citing all sources used. Then also include an APA style reference list as the last page of your Computer/Internet Security Policy.  When you have finished writing your Computer/Internet Security Policy document, click the Write Submission link and submit your paper for grading.  OR, just paste your entire document as a Word doc attachment.