5-2 Information Technology Risk Analysis and Cyber Security Policy Assignment, Part 2
Submit your creation of a cyber-security policy. (Please note: You must use the information that was identified in the risk analysis paper and create an organizational cyber-security policy.) The cyber-security policy will assess how the organization will interpret security issues that occur in the workplace. The cyber-security policy will also distinguish and examine ethical issues in the workplace that pertain to social media, email, and privacy.
The paper is pertaining to the Twitter data breach that happened earlier this year. No need to go back over the breach but rather a policy to mitigate the security issues within the workplace as identified above.
IT 659 Information Technology Risk Analysis and Cyber Security Policy Part 2 Guidelines and Rubric
In the second portion of this assessment, you create an organizational cyber-security policy using the information that was identified in the risk analysis paper.
Prompt: You will submit your creation of a cyber-security policy. The cyber-security policy will assess how the organization will interpret security issues that
occur in the workplace. The cyber-security policy will also distinguish and examine ethical issues in the workplace that pertain to social media, email, and
privacy.
Specifically the following critical elements must be addressed:
1. Compose an organizational security policy that protects the confidentiality, integrity, and availability of the organization’s data.
2. Evaluate the current U.S. cyberlaws; state statutes; and criminal, civil, private, and public laws and compare them with the organizational security policy
to ensure compliance.
3. Assess the network cyber-security policy to determine if the policy is able to minimize risks and vulnerabilities.
4. Develop security policy sections that identify acceptable use for users pertaining to privacy, social media, email usage, an d internet usage in the
workplace.
Guidelines for Submission: Your paper must be submitted as a three- to five-page Word document with double spacing, 12-point Times New Roman font, one-
inch margins, and at least three sources cited in APA format.
Critical Elements Exemplary (100%) Proficient (90%) Needs Improvement (70%) Not Evident (0%) Value
Organizational
Security Policy
Meets “Profi ci ent” cri teri a
s uppl emented wi th exampl es to
s upport thi nki ng
Compos e an organi zati onal
s ecuri ty pol i cy that protects the
confi denti al ity, i ntegri ty, and
avai l ability of the organi zati on’s
data
Organi zati onal s ecurity pol i cy
that protects the confi denti al ity,
i ntegri ty, and avai l ability of the
organi zati on’s data i s mi ni mally
compos ed
An organi zati onal s ecurity policy
that protects the confi denti al ity,
i ntegri ty, and avai l ability of the
organi zati on’s data i s not
evi dent
20
Compliance Meets “Profi ci ent” cri teri a
s ubs tanti ated wi th res earch-
bas ed evi dence to s upport
fi ndi ngs
Eval uate the current U.S.
cyberl aws ; s tate s tatutes ; and
cri mi nal , ci vil, pri vate, and
publ i c l aws and compare them
wi th the organi zati onal s ecurity
pol i cy to ens ure compl i ance
Eval uati on of the current U.S.
cyber l aws ; s tate s tatutes ;
cri mi nal , ci vil, pri vate, and
publ i c l aws and compari son
wi th the organi zati onal s ecurity
pol i cy to ens ure compl i ance i s
l acki ng i n detai l and/or accuracy
Does not eval uate the current
U.S. cyber l aws ; s tate s tatutes ;
and cri mi nal , ci vil, pri vate, and
publ i c l aws and compare them
wi th the organi zati onal s ecurity
pol i cy to ens ure compl i ance
20
Risks and
Vulnerabilities
Meets “Profi ci ent” cri teri a
s upported wi th exampl es to
s upport the ri s ks and
vul nerabi l ities that were
as s es s ed
As s es s the network cyber-
s ecuri ty pol i cy to determi ne i f
the pol i cy i s abl e to mi ni mi ze
ri s ks and vul nerabiliti es
As s es s ment of the network
cyber-s ecuri ty pol i cy to
determi ne i f the pol i cy i s able to
mi ni mi ze ri s ks and
vul nerabi l ities i s mi ni mal
As s es s ment of the network
cyber-s ecuri ty pol i cy to
determi ne i f the pol i cy i s able to
mi ni mi ze ri s ks and
vul nerabi l ities i s not evi dent
20
Security Policy
Sections
Meets “Profi ci ent” cri teri a
s ubs tanti ated wi th expl i ci t
detai l s i n each s ecuri ty pol i cy
s ecti on
Devel op s ecuri ty pol i cy s ecti ons
that i denti fy acceptabl e us e for
us ers pertai ni ng to pri vacy,
s oci al medi a, emai l us age, and
i nternet us age i n the workpl ace
Devel opment of s ecuri ty pol i cy
s ecti ons that i denti fy
acceptabl e us e for us ers
pertai ni ng to pri vacy, s oci al
medi a, emai l us age, and
i nternet us age i n the workpl ace
i s l acki ng i n detai l
Devel opment of s ecuri ty pol i cy
s ecti ons that i denti fy
acceptabl e us e for us ers
pertai ni ng to pri vacy, s oci al
medi a, emai l us age, and
i nternet us age i n the workpl ace
i s not evi dent
20
Articulation of
Response
Submi s s i on i s free of errors
rel ated to ci tati ons , grammar,
s pel l i ng, s yntax, and
organi zati on and i s pres ented i n
a profes s i onal and eas y-to-read
format
Submi s s i on has no major errors
rel ated to ci tati ons , grammar,
s pel l i ng, s yntax, or organi zati on
Submi s s i on has major errors
rel ated to ci tati ons , grammar,
s pel l i ng, s yntax, or organi zati on
that negati vel y i mpact
readabi l ity and arti culation of
mai n
i deas
Submi s s i on has criti cal errors
rel ated to ci tati ons , grammar,
s pel l i ng, s yntax, or organi zati on
that prevent unders tandi ng of
i deas
20
Earned Total 100%