IT Security Policy: Your organization of 100 employees has recently became a victim of cyber-crime in which a database of personal information (i.e. credit card and social security numbers) was compromised. In light of these events, management has elected you to develop a plan to create a comprehensive IT security policy that includes a decision making framework based on ethical leadership models.
The purpose of this assignment is to evaluate how a management model in place is determined by both company specific and industry specific standards. To do this, create a 3 page report (not including title, table of contents, references, appendices) with the following sections:
Threat Identification,
Competitor / Marketing Analysis
Each section should closely follow APA standards and include associated:
Standards – a detailed written definition for hardware and software and how they are to be used. Standards ensure that consistent security controls are used throughout the IT system.
Procedures – written instructions for how to use policies and standards. They may include a plan of action, installation, testing, and auditing of security controls.
Guidelines – a suggested course of action for using the policy, standards, or procedures. Guidelines can be specific or flexible regarding use for each policy discussed.