IT 253 Module Three Activity Guidelines and Rubric
IT 253 Module Three Activity Guidelines and Rubric
Overview
In this module, you explored policies and practices used by organizations to protect information. There are a variety of policies that are intended to improve the security posture of an organization. These policies include but are not limited to: acceptable use policies, privacy policies, authorized access policies, change and configuration management policies, human resource policies, codes of ethics, organizational security policies, password policies, user education and awareness policies, and user management policies, among many others. Many of the aforementioned policies live within an organization’s overarching information security policy, although they can stand alone, depending on the size of the organization. The size of the organization can also affect the ways in which roles and responsibilities are determined. For example, a smaller organization could have an IT department of one, where a larger organization will have dedicated roles with distinct skill sets and responsibilities that no other role takes ownership of.
For the purposes of this activity, you will review a general information security policy of a government organization. Although information security policies can be lengthy, the policy you will be reviewing is considered brief. It is 13 pages long. Be mindful of the time it will take to not only read the policy but to review specific sections in order to address all of the activity questions.
For this week’s activity:
Read the information security policy and the resources provided in the Supporting Materials section.
Consider how laws and regulation influence organizational policies, and the various IT roles that might be included in an information security policy.
Respond to the provided activity questions.
Prompt
Most privately owned and publicly traded firms give their employees access only to security policies and private information. Security policies typically remain for internal use only due to the sensitive nature of their contents. However, many education entities, nonprofits, and government-affiliated institutions make these documents available to the public via their websites. Read the Information Security Policy of the United States Environmental Protection Agency (EPA) and respond to the provided activity questions. To access the policy in full for the purposes of this activity, click on the “Information Security Policy (PDF)” in the link just provided. The Supporting Materials section contains resources that will help you understand the elements of a good policy.
Supporting Materials
These resources will provide you with greater insight into what elements make up a good security policy and help you prepare for your response to the activity questions:
https://www.gartner.com/document/3452221?ref=d-linkShare
https://www.varonis.com/blog/how-to-create-a-good-security-policy
https://www.infosecinstitute.com/resources/management-compliance-auditing/key-elements-information-security-policy/
https://www.varonis.com/blog/fisma-compliance
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.
